Regularly download updates and patches for operating systems and other software. Unpatched and out-of-date operating systems and applications are the primary target for malware infection and dissemination. Malicious exploits develop very rapidly and updating just the operating system alone is no longer sufficient. Malware authors are constantly looking for a new attack surface in commonly used programs such as Adobe PDF Reader, QuickTime, Adobe Flash and Microsoft Office. According to the SANS paper "The Top Cyber Security Risks," application vulnerabilities exceed OS vulnerabilities.
Marshall University has licensed a system to automate and expedite the process of software updates for university-owned computers. This system is called the KACE K1000 Management Appliance (or KBOX for short) by Dell/KACE®. The KBOX Client software client will periodically remind a computer user when critical software updates are needed.
As for your personal computer, you should frequently check for available updates. Most major software companies regularly release updates and patches to fix new vulnerabilities in their software. One should beware of the bogus update sites or e-mails that appear to be from a legitimate company but provide links to the fake sites. Here we provide you with the correct links to operating system and internet-based applications that should be an absolute priority for updating and patching:
- Operating Systems
- Adobe Flash
- Adobe Acrobat Reader and Acrobat Pro
- Sun Java