We've all been guilty of it. You're cramming to hit a deadline, and you dismiss that tiny notification in the corner of your screen reminding you to install a new software update.
But if there's anything to be learned from the global ransomware attack that's plagued computers in 150 countries, it's that these updates are as crucial as ever. "This whole disaster could have been prevented if people had patched their system," says Jerome Segura, a security researcher for software firm Malwarebytes.
Software updates are critical for keeping your computer safe because they often include fixes for bugs that hackers could otherwise exploit in order to remotely access your system without your knowledge. Not doing so can leave your computer open to viruses, malware and other types of attacks. "[Installing updates] is extremely important to make sure people [aren't able] to run something on your computer without your permission," says Vikram Thakur, Symantec's technical director of security response.
Ransomware uses a particularly nefarious technique that blocks the owner from accessing his or her files by encrypting them and demanding a ransom in order to have them recovered. The specific breed of ransomware that's been disrupting businesses, hospitals, and institutions around the world, referred to as "WannaCry" or "WannaCrypt,"holds files hostage for a $300 fee. "The risk factor goes up many-fold when it comes to businesses because of the number of clients that they have," says Thakur. "Multiply that, and very quickly it could become $300 times 10,000."
The attack stemmed from a vulnerability found in Microsoft's Windows platform, which the tech giant addressed in an update from March. But that fix was only available for systems it currently supports, meaning older versions like Windows XP were left susceptible. In an unusual step, Microsoft on Friday issued a security update for dated Windows iterations such as Windows 8, Windows XP, and even Windows Server 2003.
Most PC owners likely update their computers each time a significant Windows upgrade is released. But the situation is much more complex for corporate IT departments, which must test software updates before deploying them. This step is necessary because many businesses use custom applications for daily tasks that are crucial to their work, such as tracking shipments or managing conveyor belts. These apps are sometimes based on files that are stored on employees' computers, says Thakur, and software updates may interfere with those critical apps. "That's the exact reason why some of the large companies fall behind in deploying these patches," says Thakur. "[An update] that was released in March probably won't be deployed until June."
Once a computer becomes infected with ransomware, there's little that can be done to salvage it. But regularly installing software updates and backing up important files can at least mitigate the effects. And while the process may be more complicated for businesses and large organizations, IT workers should do their best to stay informed about how severe these vulnerabilities are as they arise, says FireEye's John Miller. "There's a real possibility that all of their Windows-based systems could get shut down," he says. [They should] prepare for that threat ahead of time."