The Importance of Security Patches and Updates
In this post, we will discuss some of the major hacks and exploits that have happened in the most recent years. This will not only educate you on the type of ransomware and malware out there, but it will highlight the importance of security patches and updates and how they can effectively remove security vulnerabilities.
The WannaCry Attack:
One of the biggest, if not the biggest, ransomware attack in history was caused by WannaCry. It took down more than 300,000 computers across 150 countries, at the time the attack was unprecedented in scale according to Europol. This attack was launched by using the EternalBlue exploit, which exploited the vulnerability in SMB V1 (Server Message Block) protocol of Windows. It would eventually be thwarted four days later when Microsoft released a patch to end the pandemic.
Soon after WannaCry, another massive ransomware attack called NotPetya hit the scene. This used the same vulnerability as WannaCry to spread itself with an addition of the Mimi Katz routine.
Who were the victims?
Ironically, after WannaCry ended the security patches for all these vulnerabilities were available before they got exploited by the attackers. The victims of NotPetya were the users who did not apply the security patches from WannaCry.
The importance of security patches and updates and the meaning of a vulnerability and exploit?
- A security vulnerability is a security flaw detected in a product that may leave it open to hackers and malware.
- An exploit is a code purposely created by attackers to target a vulnerability. This code is then embedded into a malware and dropped on a vulnerable system.
In addition to all this, there is something known as a zero-day exploit. These exploits are used to target an unpatched software vulnerability on the same day the vulnerability is discovered (this type of vulnerability is called zero-day vulnerability). In other words, there are ‘zero days’ between the discovery of the vulnerability and the first attack.
Updates are usually classified into two categories: Hot Fixes or Service Packs.
- Hot fixes are patches that address a single specific issue with Operating System or related files.
- A Service Pack, on the other hand, is a set of hot fixes and other system enhancements. It is a collection of all fixes that bring an Operating System up to the latest, more secure version.
Why should you patch your computer?
As mentioned earlier, operating systems that are updated with the latest security patches are less vulnerable to attackers. Here are some simple steps that can help keep your information and system protected
- Keep your OS and other software up-to-date. It is highly recommended to keep Automatic Updates ON.
- Do not click on links or download attachments from unknown, unexpected or unwanted emails or messages.
- Do not click on pop-up ads, try installing an Ad Blocker on your computer
- Keep your antivirus up-to-date and use one that offers multiple layers of security against attacks that target security vulnerabilities