Risks of postponing software updates

Anton P. | June 10, 2021

Software updates are vital, but we irrationally delay them for as long as possible. The vicious cycle is continual: users postpone updates until their OS or software starts malfunctioning. Before then, they will simply skip through recommendations to install them without much thought. However, while users might see updates as trivial and unnecessary, their role is of the utmost importance. It is the condition you need to follow to use your OS and other programs safely. Let’s try to break this unhealthy pattern by convincing you that updates and patches should be priorities.

Importance of software patches and updates

WannaCry presented a perfect but unfortunate example of the consequences of using unpatched software. In this case, vulnerable Windows devices suffered a ransomware attack: a virus encrypting files and demanding ransoms.

If users had installed the necessary updates, they would have avoided the dire infection. The patch had been available for a few weeks, but the fact remains: WannaCry compromised around 200,000 computers.

Every time a device prompts you to install a new update, consider that a delay might cost you more than $300. The latter was the standard ransom WannaCry demanded from its victims. While you should never give in to such demands, this alleged resolution might tempt users. The truth is, paying ransoms or contacting hackers will never lead anywhere. Even if you pay, the files are likely to remain inaccessible as perpetrators are not the people to trust.

Thus, avoiding and postponing updates is like leaving your device incapable of defending itself. If you do not fix bugs that attackers can exploit, you can fall victim to various attacks.

While many updates get applied automatically, some still need human intervention and approval. For instance, your operating system is unlikely to start a 30-minute long patch without checking in with you first. However, an app on your smartphone will mend security vulnerabilities and add new features without the user even noticing.

“Remind me later” culture

It is not just you: everyone dislikes software updates. However, why do we continuously dismiss them, even though they are only a minor inconvenience? According to a study by the Journal of Cybersecurity, several factors play a role in update postponement:

  • People learn from experience to postpone updates. If they have delayed updates several times before, users are very likely to continue doing the same. The requirement here is that the experience is positive, meaning no harm came from their decision.
  • Willingness to take a risk. People that are more eager to take risks will likely delay updates. Users who like to stay on the safe side will usually install them relatively fast. However, the risk-taking trait does play a role in whether users will continue using unpatched software.
  • The emphasis on using software, not its security. Typically, users judge programs based on their effectiveness in performing specific tasks. Security might be a secondary target, only relevant when security issues disrupt software functionality. Thus, many users will install updates only after their systems become idle and prone to crashes.
  • Updates interrupt users’ plans and routines. Reminders to install updates seem to pop up at the worst of times. Hence, users view updates as disruption, especially if their current task is essential. Patching software requires time, and this cost might be too high for some. Thus, users choose the “remind me later” option only to repeat the cycle when the message reappears.

Dangers of delaying software updates

Older versions of programs and operating systems expose users to a variety of dangers.

  • You are more likely to fall victim to malware. Perpetrators continuously attempt to find security loopholes in software. Once they detect a weak spot, they will try to exploit it and compromise vulnerable devices. Sometimes, security researchers are the first on the scene, patching the flaw before hackers get to exploit it. However, once the vulnerability becomes public, perpetrators could construct malware targeting unpatched devices. Thus, always install updates to fix known security issues before it is too late.
  • You might lose files or have your private data stolen. The devices users operate are full of personal information. From your financial details to private photos, everything gets stored digitally. Imagine if ransomware renders all these files inaccessible or if a virus scoops up screenshots of passports. Both scenarios are critical and could lead to identity theft.
  • Your device or apps will be prone to error and lose their functionality. It is not all about security. The software might occasionally malfunction or develop unintended behavior. In these cases, developers will release updates to resolve such problems. Without them, users will continue to face recurring obstacles.
  • You won’t receive critical patches to zero-day flaws. Some updates might rank even higher on the priority list. Zero-day flaws can be disastrous, and you should fix them as soon as developers release updates for them. Recently, Google resolved a zero-day flaw reported to be actively exploited. If you are a Google Chrome user, it is vital to keep your browser running the latest version. In fact, you should do the same for every digital tool you equip.

Can updates cause issues?

The general rule is that an update fixes things and improves software. However, there are exceptions when updates temporarily obstruct access or cause issues. The same thing happened in March 2021, when users began reporting problems with Gmail, Outlook, and other popular services. The temporary bug prevented people from accessing their email accounts for approximately seven hours. The cause: a recent update to WebView.

However, such inconveniences are relatively rare and should not discourage you from installing updates. Minor glitches are normal because even though testing teams work hard to try varying scenarios, it is impossible to cover everything. Even if an update brings some unwanted side effects, they won’t last long. The chances are that developers will resolve them promptly.

Updating programs and OS without delay

For the most part, users should celebrate software updates. It means that developers actively improve their software, which deserves your applause. Or, to the very least, that you show your respect by installing updates as soon as possible.

However, the unwillingness to stop everything you are doing is understandable. Millions of people feel the same, and there is no one-size-fits-all solution. Typically, users will understand the consequences of their decisions but perform the ill-advised action anyway. Why? They might not have experienced these ramifications on a personal level. Thus, they are unlikely to view themselves as possible victims of malware or any other attack.

The truth is anyone can fall victim to hackers and their vicious plans. The chances are that perpetrators are not picky, and infecting your system will be a walk in the park.

But how do you change the habits you have followed for years? The simple solution is to force updates to take place. Thus, set automatic updates whenever possible. For instance, smartphone users are likely to schedule updates at night when it won’t disturb them. Whenever your OS demands an update, try to make time for it. Of course, the ideal option would be to install it immediately. However, if this is not possible, do it right after you finish a task you did not want to quit at the time.

Anton P.

Anton P.

Former chef and the head of Atlas VPN blog team. He's an experienced cybersecurity expert with a background of technical content writing.

Tags:

ransomwarezero-daygmail

© 2021 Atlas VPN. All rights reserved.