Helping people with computers... one answer at a time.
Unless you're willing to pay a lot of attention on a very regular basis, automatic updates are an important part of keeping your machine safe.
What are your thoughts on automatic updates? Not Windows updates but automatic updates for my spyware and antivirus programs. I have many anti-spyware and McAfee internet security suite and I have automatic updates turned on on all. Could this lead to problems by leaving my computer open to the net?
This one's easy: I love automatic updates.
Let me explain why, and some of the things to look for to make sure that your automatic updates are safe, and doing what you think.
First, I believe strongly that automatic updates for anti-spyware and particularly anti-virus packages are an absolute must. There are simply too many changes - quite literally every day - that keeping them up to date is a must. Doing it automatically is by far the easiest and most reliable way.
Application updates I treat differently. I still want automatic notification of updates and new versions, but:
the update notification should be a true notification - not a regular "do you want to check for updates now" - check it for me, and bother me only if there is something I should be aware of.
the update notification should tell me what it is, and what it's going to do for me - including how important or critical the update might be
I should be able to choose not to install the updates right now, but rather be reminded later
I should also be able to choose not to install the update at all, at least until the next, new, update becomes available.
There are some software packages that do all that, and I really do appreciate them.
And typically, I do accept the updates, but at a time that's convenient for me.
Windows update is a special case. I believe that most users should have automatic updates turned on, and automatically install all updates. That being said, I have it set to notify only, and actually examine the updates being offered before I say yes. And I always say yes.
The relationship of Automatic updates to Windows update is another case of a missed opportunity as well. It appears that Automatic updates only deal with critical issues. If you actually visit the Windows Update site, you may find additional updates that you were not alerted to. (Like Office SP2, which I just now learned of as I visited the Windows Update site.) I would prefer some kind of proactive notification for those as well.
As to your concern about security - in a nutshell, I'm not terribly concerned. Most automatic updates are handled through the same mechanisms that your web browser uses to visit web sites. The result is that for most, you're not "opening up" any additional vulnerabilities by enabling automatic updates. And as long as your dealing with reputable vendors, the chances of "automatically" downloading some kind of malware is next to zero. You're at much greater risk by mistakenly clicking on an emailed attachment, not being behind a firewall, or visiting a malicious web site.