The Importance of Security Patches and Updates

In this post, we will discuss some of the major hacks and exploits of recent years. This will not only educate you on the types of ransomware and malware out there, but also highlight the importance of security patches and updates and how they can effectively remove security vulnerabilities.

The WannaCry Attack

One of the biggest, if not the biggest, ransomware attacks in history was caused by WannaCry. It took down more than 300,000 computers across 150 countries; at the time, the attack was unprecedented in scale, according to Europol. WannaCry launched its attack using the EternalBlue exploit, which exploited a vulnerability in the SMBv1 (Server Message Block version 1) protocol of Windows. It would eventually be thwarted four days later when Microsoft released a patch to end the pandemic.

The NotPetya Attack

Soon after WannaCry, another massive ransomware attack called NotPetya hit the scene. It used the same vulnerability as WannaCry to spread itself, with the addition of a Mimikatz routine.

Who were the victims?

Ironically, after WannaCry ended, the security patches for all these vulnerabilities were available before the attackers exploited them. The victims of NotPetya were the users who hadn’t applied the security patches from WannaCry.

The importance of security patches and updates, and the meaning of vulnerabilities and exploits

  • A security vulnerability is a security flaw in a product that may leave it open to hackers and malware.
  • An exploit is code purposely created by attackers to target a vulnerability. This code is then embedded into malware and dropped on a vulnerable system.

In addition to all this, there is something known as a zero-day exploit. These exploits can target an unpatched software vulnerability on the same day the vulnerability is discovered (this type of vulnerability is called a zero-day vulnerability). In other words, there are ‘zero days’ between the discovery of the vulnerability and the first attack.

Updates are usually classified into two categories: hotfixes and service packs.

  • Hotfixes are patches that address a single specific issue with the operating system or related files.
  • A Service Pack, on the other hand, is a set of hotfixes and other system enhancements. It is a collection of all fixes that bring an operating system up to the latest, more secure version.

Why should you patch your computer?

As mentioned earlier, operating systems with the latest security patches are less vulnerable to attackers. Here are some simple steps that can help keep your information and system protected:

  • Keep your OS and other software up-to-date. We highly recommend keeping Automatic Updates ON.
  • Do not click on links or download attachments from unknown, unexpected or unwanted emails or messages.
  • Do not click on pop-up ads. Try installing an ad blocker on your computer.
  • Keep your antivirus up-to-date and use one that offers multiple layers of security against attacks that target security vulnerabilities.
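
To check the first step on a Windows machine, the following read-only audit reports whether SMBv1 (the protocol discussed above) is still enabled and how long ago the most recent hotfix was installed. It is an added example, not part of the original post; the 35-day threshold and the function names are assumptions chosen for illustration.

```powershell
# Added example: read-only audit of SMBv1 exposure and hotfix recency.
# Run in an elevated PowerShell session on Windows 8 / Server 2012 or later.

$MaxPatchAgeDays = 35   # assumption: one monthly patch cycle plus some slack

function Get-Smb1Status {
    # Server-side SMBv1 setting, from the SmbShare module.
    $server = (Get-SmbServerConfiguration).EnableSMB1Protocol
    # State of the SMBv1 optional feature; may be unavailable on some editions.
    $feature = (Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol `
                -ErrorAction SilentlyContinue).State
    [pscustomobject]@{
        Smb1ServerEnabled = $server
        Smb1FeatureState  = if ($feature) { "$feature" } else { 'Unknown' }
    }
}

function Get-PatchRecency {
    # Get-HotFix reads Win32_QuickFixEngineering, so some update types are not
    # listed, and some entries carry no install date; those are skipped here.
    $latest = Get-HotFix | Where-Object { $_.InstalledOn } |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    if (-not $latest) {
        return [pscustomobject]@{ LatestHotFix = $null; InstalledOn = $null; AgeDays = $null }
    }
    [pscustomobject]@{
        LatestHotFix = $latest.HotFixID
        InstalledOn  = $latest.InstalledOn
        AgeDays      = [math]::Floor(((Get-Date) - $latest.InstalledOn).TotalDays)
    }
}

$smb   = Get-Smb1Status
$patch = Get-PatchRecency

$findings = @()
if ($smb.Smb1ServerEnabled)              { $findings += 'SMBv1 server protocol is enabled' }
if ($smb.Smb1FeatureState -eq 'Enabled') { $findings += 'SMB1Protocol optional feature is enabled' }
if ($null -eq $patch.AgeDays) {
    $findings += 'No hotfix install dates found; verify update history manually'
} elseif ($patch.AgeDays -gt $MaxPatchAgeDays) {
    $findings += "Last hotfix ($($patch.LatestHotFix)) was installed $($patch.AgeDays) days ago"
}

$smb, $patch | Format-List
if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else           { Write-Output 'No findings.' }
```

The script changes nothing on the system; any warning it prints is a prompt to disable SMBv1 or to install pending updates.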