This one’s easy: I love automatic updates.
Let me explain why, and how to make sure your automatic updates are safe and doing what you think they are.
I’ll also explore one area where things have gotten worse instead of better over the years.
I strongly believe automatic updates for anti-malware tools are an absolute must. There are simply so many changes – quite literally every day, sometimes multiple times a day – that keeping them up to date is a must. Doing it automatically is by far the easiest and most reliable way.
The issue with anti-malware tools is what I call “the race”. Those who create malware do so constantly. Anti-malware tool vendors are always playing catch-up. They’re constantly updating either their tools, or the databases of malware information, so they can catch even the most recent threats.
Making sure your anti-malware tools have not only the most recent versions of software, but also the most up-to-date versions of the malware database, is critical to staying safe and secure.
Doing so automatically is by far the best approach when it comes to your security.
Applications: yes, please
I treat application updates somewhat differently. I want automatic notification of updates and new versions. This means:
- The update notification should be a true notification – not an every-so-often “do you want to check for updates now?” Automatically check it for me, and bother me only if there is something I should be aware of.
- The update notification should tell me what it is, and what it’s going to do for me, including how important or critical the update might be – in terms I can understand.
- I should be able to choose to delay the update and be reminded to install it later. Updates can interfere with work in progress, or have other adverse impacts, so allowing me to choose when they happen is important.
- I should also be able to choose not to install the update at all, at least until the next new update becomes available.
There are some software packages that offer everything I’ve described, and I really do appreciate them. Sadly, most offer incomplete mixtures of those features.
Most often, I do accept the updates.
I also believe that’s exactly what the average user should do. You should not be required to understand what each individual update is about. In most cases, “just take ’em” is my general recommendation.
Windows: Oh, Windows….
Updates to the Windows operating system are a special case, and unfortunately not a good one. Windows update is a case of things getting worse, rather than better.
If you walk that list of functionality I want from applications, you’ll note that the most recent versions of Windows fail miserably.
- There’s no notification that updates are available. (Only that it’s time to reboot after they’ve been installed.)
- There’s almost no information about what the update includes, and certainly not in language the average user can understand.
- The ability to delay an update has been severely crippled.
- The ability to avoid an update has been removed.
Windows has gone to the other extreme: you will take all updates as they’re made available. Period. At best, you can set up a time window during which your machine won’t reboot, to avoid those middle-of-a-presentation frustrations.
What’s frustrating is that in an ideal world, that would actually work. But Windows has proven time and time again that we don’t live in an ideal world. Updates can cause problems. Updates can happen at inopportune times. Updates can absolutely feel forced on you … because ultimately, they are.
Automatic updates are a good thing when they work, and work reliably. Windows has yet to achieve that bar.
Automatic updates and security
As for your concern about security, I’m not terribly concerned.
Most automatic updates are handled through the same mechanisms your web browser uses to visit web sites. The result is that for most instances, you’re not “opening up” any additional vulnerabilities by enabling automatic updates. As long as you’re dealing with reputable vendors, the chances of “automatically” downloading malware is next to zero.
You’re at much greater risk if you’re not behind a firewall, visit a malicious web site, or mistakenly click on an emailed attachment.
Or you don’t take updates.
Sadly, Windows itself represents the biggest risk today, forcing you to take updates whether you’re ready or not, and having a track record that makes that unfortunately risky. All I can recommend to protect yourself here is to make sure you’re backing up regularly.