The Cybersecurity & Infrastructure Agency (“CISA”) has named updating or patching the most effective measure that individuals can take to safeguard their devices (see CISA Security Tip, Understanding Patches and Software Updates). In addition to functional enhancements and fixing bugs, updates/patches address product security vulnerabilities that are possibly being exploited now, and may continue to be exploited for years to come.
In terms of what you should be regularly updating, the list includes:
- Your device operating system (“OS”)
- Your applications
- Your browser(s) and any browser plug-ins you’ve enabled
Some software can automatically check for updates and CISA recommends that you use this option whenever it’s available.
Further, updates should only be performed on trusted networks. Updates on untrusted networks may come with malware. If updating via a website, please visit the site via a known and trusted URL vs. via an embedded link that may take you to a phishing site designed to look legitimate.
End of Life (“EOL”) Software & Why You Should Not Use It:
EOL software is no longer supported or updated by the manufacturer. CISA states “Continued use of EOL software poses consequential risk to your system that can allow attackers to exploit security vulnerabilities. The use of unsupported software can also cause software compatibility issues as well as decreased system performance and productivity.”
In terms of device operating systems:
- Windows 7 and prior versions are no longer supported. To find out which version of a Microsoft OS your computer is using, see the following article.
- For Macs, Sierra and prior versions are no longer supported. Please note that Mac OS High Sierra 10.13 has a support end date of 11/30/20. To find out which Mac OS your computer is using, and to see a list of OS versions, see the following Apple support article,