Regularly download updates and patches for operating systems and other software. Unpatched and out-of-date operating systems and applications are the primary target for malware infection and dissemination. Malicious exploits develop very rapidly and updating just the operating system alone is no longer sufficient. Malware authors are constantly looking for a new attack surface in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. According to the SANS paper "The Top Cyber Security Risks," application vulnerabilities exceed OS vulnerabilities.
Marshall University has licensed a system to automate and expedite the process of software updates for university-owned computers. This system is called the KACE K1000 Management Appliance (or KBOX for short) by Dell/KACE®. The KBOX Client software client will periodically remind a computer user when critical software updates are needed.
As for your personal computer, you should frequently check for available updates. Most major software companies regularly release updates and patches to fix new vulnerabilities in their software. One should beware of the bogus update sites or e-mails that appear to be from a legitimate company but provide links to the fake sites. Here we provide you with the correct links to operating system and internet-based applications that should be an absolute priority for updating and patching:
- Operating Systems
Microsoft and Apple provide free security updates for their software products.
- Windows: Microsoft issues patches for all Microsoft products on the second Tuesday of each month, as well as out-of-cycle patches on any day of the month. This is a good occasion to check manually, a practice that you should follow once every two weeks, to make sure all of the updates have been installed. Find out how to check for Windows Updates here.
- Apple OS X: Updates are issued frequently, and their contents may differ depending on which processor is in your Mac (PowerPC or Intel). Check for Apple OS X updates here.
- Adobe Flash
Click here to check your version of Adobe Flash Player.
- Adobe Acrobat Reader and Acrobat ProFollow the steps below in order to update Acrobat Reader and/or Acrobat Pro:
- Launch Acrobat Reader or Acrobat Pro
- Go to the ‘Help’ menu and select ‘Check for Updates’
- Follow the recommendations provided by the ‘Adobe Updater Utility.’
- Sun Java
Visit this link to check your Java version: http://java.com/en/download/help/testvm.xml
RealPlayer (if already installed) – note RealPlayer is not as common today as in years past. Do not update/install if RealPlayer is not already installed. If you like using RealPlayer follow these steps to update it:
- Determine your current version: Open the RealPlayer application
- If the application is outdated, a dialog box will appear at start up with two options: ‘Get It Now’ or ‘Remind Me Later.’ At the bottom of the dialog box is an unchecked box with ‘Don’t remind me to upgrade’ beside it. We strongly recommended you to NOT select this box. It is recommended you select ‘Get It Now,’ but if you choose to select ‘Remind Me Later,’ the dialog box will reappear the next time you open the application to remind you an upgrade is available.
- If you turned off the reminder for upgrades
- Click on the ‘Help’ tab from Toolbar
- Select ‘Check for Upgrade.’
Older, outdated and non-patched versions of internet browsers contain multiple vulnerabilities that can lead to memory corruption, spoofing and execution of malicious scripts or code. It is absolutely critical to update your internet browsers. Get the latest versions of the most popular web browsers below: