Software & System Updates for More Security
Every well-updated system is generally far more secure against cyberattacks than one that is out of date. That's why major corporations also use special patch management solutions. These sophisticated solutions are normally beyond the reach of small companies and private users. But there are other good tools that can keep systems and applications up to date and provide for security.
Cyberattacks on PCs are very often mounted using so-called exploits. These are malware programs directly targeting a security vulnerability in a software application. A bug fix in the form of an update is often sufficient to evade such an attack. Most operating systems prompt the user to perform system-relevant updates or even carry them out automatically. By contrast, users running installed third-party software still have to perform their own updates. It is also urgently recommended to do so, as time and again, the PDF tool, Adobe Acrobat, for example, has been notorious for having severe vulnerabilities. Tools such as Java or the well-known Flash software are also frequently-used exploits for attackers. Here is an overview and a checklist showing you how you can make most applications fit and safe.
System check for Windows & MacOS
With operating systems for desktops, updating a system is still easy. Things become more complicated when updating installed applications; but more on that later. Windows and MacOS provide internal updating tools for the traditional operating system updates. On MacOS, it can be found under "System Preferences" and "Software Update”. On Windows 10, everything is found under "Settings" and "Update & Security". Normally, the tools are configured to automatic updates.
Compared to Windows 7 or 8, the new Windows 10 no longer allows constant disabling of system updates, which is considered an increase in security. Now users are only allowed to pause updates.
With MacOS, there is also an option for making everything automatic. In order to achieve this, it is often sufficient under "System Preferences" and "Software Update” to check the box on the query "Automatically keep my Mac up to date".
Program updates for MacOS
In terms of program updates, the Mac and Windows worlds could hardly be more different. For MacOS, almost all installed programs can be updated via the App Store – almost exactly as with the mobile iOS. If a software application is not from the App Store, in most cases it will independently notify the user that a newer version is available, offering it via a link. That is why Mac users normally require no special update software. If you want to make sure that all applications are definitely up to date, then you can use the MacUpdater from CoreCode, for example. The tool runs through all installation applications, checking for updates. If any are available, then up to 10 apps can be updated free of charge. More updates cost a minor one-time fee. The tool is easy to handle: once an update has been found, one click is sufficient, and the MacUpdater goes to work.
Good Windows update tools for individual PCs and small businesses
For Windows, application updates are a whole different story. Some programs now report independently upon launch that a new version is available, like the well-known client, Thunderbird, or various browsers, such as Chrome or Firefox. A large number of other applications do not offer this feature. Some security applications now even have an integrated software updater. This is the case, for example, with the Internet security suites from Avira or Kaspersky.
Naturally, it is possible to manually update individual tools, but over time, this becomes somewhat tedious. The right patch programs are much better at doing this. For this purpose, the market offers a vast selection of products, not all of which can be presented here. Without picking any favorites, we are introducing two products as being representative of this group: for individual user PCs, there is the tool from Patch My PC, and for small businesses, there is the software Patch Manager Plus from ManageEngine. Patch My PC can be used free of charge. After the 30-day trial period without a PC limit, Patch Manager Plus can still be used free of charge for patching up to 25 PCs.
Quick program updates for individual PCs
The small tool Patch My PC is very easy to handle. Merely prior to initial use, you need to complete a few settings under "Options". There you need to specify the language of the updates under "Application Languages". On the right, under "Visual Options", you also check "Create Desktop Shortcut for PMPC". One click on "Export Settings to PatchMyPC.ini" backs up the settings. Once you are finished, you close the tool and re-launch it.
Updating is easy: in the left window box, the tool identifies and already highlights all the applications for which an update is available. Afterwards, one click is sufficient to "Perform Updates". The updates are then carried out in silent mode. This means that the tool only indicates the progress of the updates as a status line and does not open and close any program windows.
Update service for small enterprises
The tool from Patch My PC is suitable for individual Windows PCs. Small enterprises with 5 to 25 PCs have too much hassle with an individual tool and also have no overview of the patch status on the PCs. Sophisticated patch management software, on the other hand, is normally too large and too expensive. But there are also suitable tools for small enterprises, such as the one presented here as an example, Patch Manager Plus from ManageEngine. In terms of configuration and structure, the Patch Manager is suitable for many PCs and can be used free of charge without a PC limit in a 30-day trial period. After 30 days, the program becomes a free version and can be used to manage up to 25 PCs. The professional solution, requiring IT knowledge, can be installed on a Windows server or on a PC as a substitute server. At the same time, however, there is also a cloud version available. In both cases, it is necessary to have an online account. The account requires merely a name and e-mail address, however; nothing else.
If a server with an Active Directory (AD) is available in the company, this can be used to distribute the necessary patch agents. The agents are available for Windows, Mac, and Linux. If the PCs are being run in a network without a management server, you can also manually distribute and install the necessary software agent. The workstations later provide a notification with their names in the dashboard of the solution, where they can be administered, grouped and much more. For all PCs, patch rules can be specified as to which software is to be updated, along with applications perhaps considered prohibited. With the Patch Manager Plus, users can receive updates not only for Windows but also for many non-Microsoft applications. Here's a very interesting feature: The server can also act as an update distribution station for all existing PCs in the LAN, thus eliminating the need for many individual downloads.
Quick system check with iOS & Android
Maik Morgenstern
CTO AV-TEST GmbH
In terms of app and system maintenance, mobile operating systems are relatively easy to manage, to the extent that they make updates available.
iOS & Android usually provide regular system updates and inform the user to that effect. With Android, however, the update range depends upon the device manufacturer. Normally device updates are offered for only 2 or 3 years, containing so-called Google security updates.
To perform a quick system status check, with Android, you can look under "Settings" and "System" or "About". There you'll find the entry "Android security patch level". On a system that is very out of date or cannot be updated, for more security you also ought to consider replacing the device.
You can check an iOS system under "Settings > General > Software Update". If there is a new version, it is offered immediately. Apple generally still offers updates for older devices.
When it comes to outdated apps, there is an easier way: the iOS or Android devices always have contact to their App stores. Normally, devices are configured for automatic app updates as soon as they are in a wi-fi network. If this is not the case, it is recommended to manually check whether a new version exists. For this, Apple has the app called "App Store", Android the app entitled "Play Store". In both apps, the users can see the respective apps installed and have the system display which applications are able to be updated.