Creative Intelligence @ Your Service		 Site Map
+1 214 234 9283 | Send Email

February 2010 - Advisory on Automatic Updates

Advisory: Update Software Regularly

Prior to now, we've believed that most customers should turn off automatic updating of software in favor of manual updates. But after many new security problems in 2009, including the spread of malware by USB drives, we no longer believe that's a safe recommendation.

Yet we still saw some problems where an automatic update crippled a system so it could not reboot. For some, the cure was worse then the disease: what to do?

For 2010, we believe most customers would be best served by performing one of the following practices:

For the first choice, just run in automatic mode but disable accepting recommended or non-critical updates. That way the absolute minimum set of security fixes will be installed. And hopefully no fix will "cripple" your system!

If the thought of automatic updates is a bit uncomfortable, then run a manual update every two weeks if possible, and no less frequently then once a month. Accept any update that meets at least one of the following criteria:

Why these choices? Well, cumulative updates have gone through a more rigorous testing cycle, and are unlikely to cause other problems. And attacks from unauthenticated users are the ones that cause the most damage: it is possible to exploit the system without having to first log in.

Eventually the important updates for an authenticated or logged-in will get “rolled up” into a cumulative or integrated update after more testing.

Questions?

Just contact us with any comments, concerns, or questions about items contained in this document. Or IT issues in general. Or call us at the telephone number below.

Get Notified About Site Updates

To get notified when we add a new article or tip, follow us on Twitter. To get monthly updates, subscribe to our mailing list by sending this email.

Left Brained Geeks +1 214 234 9283