How to Download Security Patches

By Jennifer Martinez

Computer technology is constantly changing. Now, more than ever, we're enjoying the freedom that comes with technology, but some features can sometimes leave us open to attack, too.

What makes our operating systems (OS) vulnerable to attack from hackers? Sometimes it can be a combination of different technologies that don't work together properly. Or, it could be an oversight in the creation of our software that leaves us vulnerable to intruders.

But there are steps we can take to mend these holes in our operating systems. The trick is to stay ahead of the hackers.

Know the types of attack
The tools intruders use to troll for vulnerabilities are becoming increasingly sophisticated, and at the same time, easier to obtain and use. Equipped with the knowledge and details of a specific security hole, intruders now have the tools and techniques to scan for hundreds of thousands of vulnerable systems on the Internet, searching for those with unprotected vulnerabilities.

And when the hackers find a way in? They unleash Trojan horses, worms and viruses. Many of these contain keystroke logging and backdoor functionality, which allows hackers to manipulate our computers from a remote location. We can lose all our important information.

So we need to stay smart and to protect our computers, our personal information and our families. We need to install patches before intruders use details of an exploit to gain access to your system.

Develop a strategy
Most patches are delivered to your computer over the Internet. The very medium hackers use to attack your computer is the same one developers use to deliver anti-threat technology. But security firms can use the Internet just as effectively as hackers, so you don't need to worry. What's most important is that you download the patches as painlessly and as regularly as possible. Here are a few methods you can try:

• Check into purchasing a service contract from your OS vendor to provide you with patches, upgrades, and other customer assistance.
• Visit the web site of your OS or software manufacturer for patches and upgrades.
• Microsoft Windows offers an automatic update feature with its OS. It's free and will activate any time a new Windows patch is released.
• Subscribe to advisory and alert lists. These will alert you to any new software updates or patches that are released.
• Sign up for independent bug-tracking sources, such as the CERT Coordination Center's Advisory List or the BugTraq mailing list, or visit Security Focus regularly.

Patch early and often
A patch can be an upgrade (adding increased features), a bug fix, a new hardware driver, or an update to address new issues such as security or stability problems. You can download most patches for free. In some cases, only registered users may get certain upgrades. At other times, the only way to upgrade is to purchase the newer version at a discounted upgrade price (requiring a reinstallation of the program). Usually, you can install a patch over the top of an existing program.

• Apply patches, monitor updates, and make necessary upgrades to operating systems and software. Manufacturers of operating systems and software often release security patches as they find and fix problems.
• Run antivirus software and keep virus definitions current. Make sure security patches are up-to-date.
• Apply the latest security patches to email clients and web browsers.
• When identifying vulnerabilities, make sure you don't overlook systems that are perceived as "less critical." Many intrusions enter through seemingly less-critical holes. After the intruders gain access, they will use that entry as a springboard into more critical applications. Remember, anything that is exposed is mission-critical.
• As a preventative measure, back up your system and data at least once a month. Create two backups each time, storing them in separate places, one of which is outside your home. And make sure you have an emergency recovery disk, as well.

The bottom line: There will always be new vulnerabilities, no matter how current your computer's operating system or software. Keeping your computer up-to-date by installing patches and using security software is the best defense against intruders.