Posted by: David Scott
anti-virus, antivirus, computer virus, content management, data protection, data theft, e-mail spoof, IT security, malware, online spoof, remind me later, Security Plan, security policy, security update, software patch, spoof, update now, virus, virus removal
A colleague recently made a cogent argument for timely – in fact immediate – application of all suggested updates as they pop up on various devices; desktops, laptops, smart phones, etc. He examines it from a security perspective, being that many of these updates address security issues. A week doesn’t go by that I don’t get at least one “recommended update” or another on my laptop from various software providers.
The colleague is not a fan of the “Remind Me Later” option/button – he claims that it’s “the most dangerous button you can push” (hmmm… my vote might go to the “Delete Permanently” option…). He likens “Remind Me Later” to discovery that your home alarm is broken, and then deciding to post a reminder to your calendar to look at it later. Another (false) analogy he uses is: Leaving your car unlocked, and asking someone to remind you later to go back and lock it. More on his analogies in a bit…
However, it’s now well-established that hackers and crafters of malware are providing their own “update” notifications: Spoofs of legitimate updates, that upon acceptance install viruses, keystroke monitors, collection of authentication info, website tracking, information relays, and other nefarious things you most definitely want no part of. Further, they employ various tricks in “legitimizing” the look and feel of their activies – one of which is an actual “Remind Me Later” option, figuring you’ll accept it at some point.
A little examination may be in order before reflexively clicking that “OK,” “Install,” or “Update Now” button. Look the popup over carefully: Its aesthetics (does it look typical? If you’re able to remember the last update, that is); the way it’s worded; and further, is it an update that corresponds to your environment (that is, is it for something you’re actually running)? If you receive an Adobe update, and you don’t have Adobe in your environment – don’t install.
Another consideration: Oftentimes updates will create a conflict between the updated application, and another one. There is published documentation of known problems and conflicts between resources, and frequently there is published counsel to forgo a particular update, because another non-conflicting one is due to be released by the software publisher, applications developer, plug-in provider, etc.
A really savvy user will know certain schedules. For example, if receiving a Microsoft operating system update, it would be useful to know if MS was actually sending one out. Googling around for this type of info can help. There are also some great message boards that discuss this topic, and subscription can yield solid info and protections.
But here’s today’s take-away for you: Just because you don’t update an element immediately doesn’t mean you’re completely unprotected (such as leaving your car doors unlocked, or home unsecured). Security elements are still in your environment, running, and protecting: A good provider will LEAD threats, so that you may indeed have a little room for a “Remind Me Later” – particularly if you suspect an update might be a spoof; a threat masquerading as a legit update.
When all is said and done, any specific user, and any specific organization, has to make its own decisions regarding notifications of updates. You’re tasked to know your environment better than anyone.
But keep in mind that “Remind Me Later” can be a legitimate buffer as you research and vet an update notification. It’s not just a procrastination tool.
NP: Soul Bird, Cal Tjader, jazz24.org