Keep your software patched and up-to-date

The currently prevalent Bugbear virus is only able to spread because many Internet users have not applied freely available patches to the software they use.

The rapid spread of the Bugbear virus over the past week illustrates two things:

  • it is extremely important to keep all of your software up-to-date, particularly where that software is Internet related or enabled;
  • a large number of Internet users do not keep their software up-to-date.

It's easy

Keeping your software patched and up-to-date is easy if you take a systematic, regular approach:

  • make a list of the software that you use on your systems, starting with the operating system, the web-browser and your email client. The list should note the vendor's website, software version number and last patch or update applied. This list will be a living, changing document and should be updated each time you update or change the software you use;
  • conduct a monthly review of each of the vendors' websites to see if there have been any patches, updates or new versions;
  • download and apply any patches or updates, particularly if they address security issues.

A cautionary word about new versions

New versions of software often fix a range of bugs in the previous version. However, a new version will typically offer a whole host of new functionality and with it a whole host of new bugs. Although this is not always the case, it is often prudent to hold off upgrading to a new version the very moment it is released and wait until the new version has received widespread usage. Some even advise that it is best to wait until the vendor has release the first service pack for the new version.

Bugbear explained

Everyone knows that it is a bad idea to open untrusted attachments to emails. However, the Bugbear virus uses a vulnerability in Internet Explorer so that you can be infected with the virus through simply downloading your email in Microsoft Outlook or Outlook Express. Vulnerable versions of Internet Explorer make Microsoft Outlook or Outlook Express run carefully crafted attachments automatically, without you having to open them.

You can fix this auto-run "feature" of Internet Explorer by applying the latest service pack and cummulative patch file from Microsoft by going to http://www.microsoft.com/windows/ie/downloads/critical/default.asp.

General anti-virus tips

There are few simple steps that you can take to minimise the chance of virus infection:

  • use anti-virus software and keep it up to date. Anti-virus software should be installed on each machine in your organisation and configured to automatically download the latest virus pattern files at least once a week;
  • apply the latest security patches from Microsoft to Internet Explorer;
  • educate your users to never open email attachments without first saving to disk and virus scanning them; and
  • educate your users to delete spam email without opening it.
ArticlesArticlesIs your content management system accessible?Windows XP end of lifeMeasuring the suceess of your content management strategyDoes my website need a "search" function?Keep your software patched and up-to-datePrivacy and Your Membership DataCookiesWebsite accessability explained"Under construction"Keep it simpleFast Websites are...Disabled User Access - is your website unlawful?

About GKY

GKY Internet is one of Australia's leading internet solution providers delivering innovative and cutting edge web and mobile application development, hosting and integration services to business and government. We supply a total package end-to-end solution which is unmatched in the industry in terms of expertise, responsiveness, reliability and cost.

More »

Services

Our services cover the entire range of web and mobile business applications including web development, mobile app development, interface design, data integration middleware, remote monitoring, web accessibility compliance auditing and web consulting.

More »

Products

Our products include the Kontent modular content management system, Remmon our advanced remote monitoring service, WebISS our interactive mapping spacial system which provides a high speed web front end for geographic information systems (GIS) data.

More »