Monday, 20 April 2015

Never miss another security update

security update

Security updates protect you from the latest malware and hacking attacks, Jonathan Parkyn explains how to be first in the queue for new fixes

Software updates are a pain, but they're a necessary evil. Besides allowing developers to fix bugs and add features, they plug (‘patch’) security holes.

As demonstrated by the recent Freak flaw, fresh vulnerabilities are discovered all the time. To make sure you’re protected from them, you need to get the latest software updates as soon as they’re issued.

This is easier said than done. Microsoft hasn’t helped matters by “evolving” its Advanced Notification Service (www.snipca.com/15893). Until January 2015, the service provided vital information about forthcoming fixes to all Windows users - but this is now sent to paying customers only. The good news is there are plenty of other ways to hear about the latest updates for your PC, tablet and phone as soon as they’re released, and even get them installed automatically.


Scan your software for missing updates


Virtually all the programs installed on your PC - from your browser to your email program - are potentially vulnerable. Some programs include an option to check for updates automatically, which you can usually find in the Options, Preferences or About menu. For example, most modern web browsers apply security patches and other updates automatically.

But to make sure you’re getting the latest updates for all your programs, install a dedicated update scanner. Patch My PC (www.snipca.com/15894) is a great free program that checks the software on your PC and alerts you to any out-of-date versions by flagging them in red text (see screenshot below left). Better still, you can install any updates that are available with a single click of the Perform Updates button.

Patch My PC doesn’t cover all programs, but it will help you keep more than 100 of the most commonly exploited third-party programs and plug-ins on your PC updated safely, including Java, Flash, QuickTime and Adobe Reader.

We also recommend Secunia PSI (www.snipca.com/15885), which is free and can be set to install most program updates automatically, including several not covered by Patch My PC.

Get Windows patches automatically


The Advanced Notification Sendee may be a thing of the past for most of us non-payers, but Microsoft hasn’t stopped releasing software updates. It still issues updates (‘security bulletins’) for Windows on Patch Tuesday, which is usually the second Tuesday of every month, though sometimes it’s the fourth Tuesday. Here’s a list of the most recent security bulletins: www.snipca.com/15895 (note that Microsoft writes dates in that annoying American way, putting the month first - so ‘3/10/2015’ means 10 March).

As long as your PC is set to download and install updates automatically, you’ll get them without having to do anything. Sometimes you may need to restart your PC in order to complete the installation process, though, so look out for notifications and restart as soon as it’s convenient.

To check you’re receiving Windows updates automatically, open the Control Panel, click ‘System and Security’, Windows Update, then ‘Change settings’. Make sure ‘Install updates automatically (recommended)’ is selected under ‘Important updates’ and that ‘Give me recommended updates the same way I receive important updates’ is ticked.

Unfortunately, Windows Update doesn’t always work as it should, and some updates may not be installed automatically. To check whether anything has slipped through the net, go to Windows Update and click ‘Check for updates’, then install any that are listed as available. If an update still fails to install, or if you’re experiencing any other trouble with Windows Update, use the free Windows Update Automated Troubleshooter (www.snipca.com/15884, click ‘Run now’ in the blue box).

You can also check for problems with specific updates. Go to Windows Update, click ‘View update history’ and then look for an update that’s listed as Failed. Right-click it and select ‘View details’. You should see an error code. Click ‘Get help with this error’ or type the code into Google to see if there’s a fix.

Never miss another Office patch


Last year a massive vulnerability was discovered in Word that could potentially let hackers take control of your PC using remote code execution (www.snipca. com/15899).

Microsoft quickly released a patch, but unless you’re running Office 365 the update may not have been installed. This is because other versions of Office (the ones most of us use) don’t receive patches and updates automatically via Windows Update. To ensure you get Office patches as soon as they’re released, tweak your Windows Update settings.

In Windows 8/8.1, press Win+C and click Settings, ‘Change PC settings’, ‘Update and recovery’, Windows Update and then ‘Choose how updates get installed’. Make sure ‘Give me updates for other Microsoft products when I update Windows’ is ticked.

In Windows 7, open Windows Update. If you see a message saying ‘Get updates for other Microsoft products’, it means you’re only receiving updates for your operating system (OS) and not for other Microsoft products like Office. Click ‘Find out more’ and follow the instructions. If this doesn’t work (and we’ve noticed it doesn’t always), try this workaround: install Microsoft’s Silverlight plug-in (www.microsoft.com/silverlight) and, at the end of the procedure, tick ‘Enable Microsoft Update (recommended)’.

Check update settings for your phone or tablet


The recent Freak bug didn’t just strike Windows - Android and iOS were affected too, with Microsoft, Google and Apple all racing to release fixes. There’s currently no way of setting your device to install Android or iOS updates automatically, but we recommend installing updates as soon as you see an on-screen notification telling you there’s one available.

To check for available updates on your Android tablet or phone, go to Settings and tap About phone’ (or About tablet’), ‘System updates’, then ‘Check for update’. In iOS, tap Settings, General and then Software Update.

It’s also a good idea to set your phone and tablet apps to update automatically, on Wi-Fi only (otherwise you could end up with a hefty mobile-data bill). In Android, open the Google Play app and tap the menu (three lines). Settings, then ‘Auto-update apps’ and choose ‘Auto-update apps over Wi-Fi only’ (see screenshot left). In iOS, tap Settings, then ‘iTunes & App Store’ and make sure Updates is switched on under Automatic Downloads, but leave Use Mobile Data switched off.

Twitter can be usefull!


You may think of Twitter as the preserve of trolls and celebrities, but it does have its useful side as well - in fact it's the web's best source of breaking security news. Most big security companies and experts post news and comments on Twitter, and if you 'follow' them you can be first to know about the latest threats, patches, products and tips. Here are a few of our favourites:

@msftsecresponse
Latest security bulletins from Microsoft’s Security Response team.

@symantec
Breaking security news from antivirus firm Symantec.

@gcluley
News, comments and tips from one of the web's most prolific security experts, Graham Cluley.

@e_kaspersky
Kaspersky is a person! Eugene Kaspersky, founder of the antivirus giant, posts interesting comments and links several times a day.