The Importance of Security Patches and Updates

Share and earn Cybytes
Facebook Twitter LinkedIn Email

In this post, we will discuss some of the major hacks and exploits that have happened in the most recent years. This will not only educate you on the type of ransomware and malware out there, but it will highlight the importance of security patches and updates and how they can effectively remove security vulnerabilities.


The WannaCry Attack:

One of the biggest, if not the biggest, ransomware attack in history was caused by WannaCry. It took down more than 300,000 computers across 150 countries, at the time the attack was unprecedented in scale according to Europol. This attack was launched by using the EternalBlue exploit, which exploited the vulnerability in SMB V1 (Server Message Block) protocol of Windows. It would eventually be thwarted four days later when Microsoft released a patch to end the pandemic.


NotPetya attack

Soon after WannaCry, another massive ransomware attack called NotPetya hit the scene. This used the same vulnerability as WannaCry to spread itself with an addition of the Mimi Katz routine.

Who were the victims?

Ironically, after WannaCry ended the security patches for all these vulnerabilities were available before they got exploited by the attackers. The victims of NotPetya were the users who did not apply the security patches from WannaCry.


The importance of security patches and updates and the meaning of a vulnerability and exploit?

  • A security vulnerability is a security flaw detected in a product that may leave it open to hackers and malware.
  • An exploit is a code purposely created by attackers to target a vulnerability. This code is then embedded into a malware and dropped on a vulnerable system.


In addition to all this, there is something known as a zero-day exploit. These exploits are used to target an unpatched software vulnerability on the same day the vulnerability is discovered (this type of vulnerability is called zero-day vulnerability). In other words, there are ‘zero days’ between the discovery of the vulnerability and the first attack.


Updates are usually classified into two categories: Hot Fixes or Service Packs.

  • Hot fixes are patches that address a single specific issue with Operating System or related files.
  • A Service Pack, on the other hand, is a set of hot fixes and other system enhancements. It is a collection of all fixes that bring an Operating System up to the latest, more secure version.


Why should you patch your computer?

As mentioned earlier, operating systems that are updated with the latest security patches are less vulnerable to attackers. Here are some simple steps that can help keep your information and system protected

  • Keep your OS and other software up-to-date. It is highly recommended to keep Automatic Updates ON.
  • Do not click on links or download attachments from unknown, unexpected or unwanted emails or messages.
  • Do not click on pop-up ads, try installing an Ad Blocker on your computer
  • Keep your antivirus up-to-date and use one that offers multiple layers of security against attacks that target security vulnerabilities

The post The Importance of Security Patches and Updates appeared first on Cybersponse.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About CyberSponse, Inc.
CyberSponse Incorporated, a global leader in cyber security automation & orchestration, helps accelerate an organization’s processes, security operations teams and incident responders. The CyberSponse platform enables organizations to seamlessly integrate, automate and playbook their security tool stack, enabling better, faster and more effective security operations. With a global presence, offering an enterprise platform, Cybersponse enables organizations to secure their security operations teams and environments.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?