
Unless you're willing to pay a lot of attention on a very regular basis, automatic updates are an important part of keeping your machine safe.

What are your thoughts on automatic updates? Not Windows updates but automatic updates for my spyware and antivirus programs. I have many anti-spyware and McAfee internet security suite and I have automatic updates turned on on all. Could this lead to problems by leaving my computer open to the net?

This one's easy: I love automatic updates.

Let me explain why, and some of the things to look for to make sure that your automatic updates are safe, and doing what you think.

First, I believe strongly that automatic updates for anti-spyware and particularly anti-virus packages are an absolute must. There are so many changes - quite literally every day - that keeping them up to date is a must. Doing it automatically is by far the easiest and most reliable way.


Application updates I treat differently. I still want automatic notification of updates and new versions, but:

  • the update notification should be a true notification - not a regular "do you want to check for updates now" - check it for me, and bother me only if there is something I should be aware of.

  • the update notification should tell me what it is, and what it's going to do for me - including how important or critical the update might be

  • I should be able to choose not to install the updates right now, but rather be reminded later

  • I should also be able to choose not to install the update at all, at least until the next, new, update becomes available.

There are some software packages that do all that, and I really do appreciate them.

And typically, I do accept the updates, but at a time that's convenient for me.

Windows Update is a special case. I believe that most users should have automatic updates turned on, and automatically install all updates. That being said, I have it set to notify only, and actually examine the updates being offered before I say yes. And I always say yes.

The relationship of Automatic Updates to Windows Update is another case of a missed opportunity. It appears that Automatic Updates deals only with critical issues. If you actually visit the Windows Update site, you may find additional updates that you were not alerted to. (Like Office SP2, which I just now learned of as I visited the Windows Update site.) I would prefer some kind of proactive notification for those as well.

As to your concern about security - in a nutshell, I'm not terribly concerned. Most automatic updates are handled through the same mechanisms that your web browser uses to visit web sites. The result is that for most, you're not "opening up" any additional vulnerabilities by enabling automatic updates. And as long as you're dealing with reputable vendors, the chances of "automatically" downloading some kind of malware are next to zero. You're at much greater risk by mistakenly clicking on an emailed attachment, not being behind a firewall, or visiting a malicious web site.

Article C2491 - December 16, 2005

Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions.


Recent Comments
9 Comments

Apologies to others if this is a bit technical...

I'm a developer and I like the idea of automatic updates - it certainly helps to make sure users have problems fixed before they know about them, as well as making sure they have all the latest functionality.

My major gripe is that when automatic updates DO cause problems, they're usually whoppers. Added to which, not all companies use an overly secure mechanism - it's not that difficult to redirect a http (web) request to a different webserver - e.g. editing the hosts file (and yes, I know that's not easy on someone else's PC but you can spoof DNS entries, poison routers/ARP caches, etc...).

Then, there's nothing to stop Mr. Malicious just substituting the genuine update with their own code. Admittedly, Microsoft and some others use secure HTTP (same as banks) and MD5 hashing (for the non-technical think of it as a short list of letters and numbers that sum up the contents of a file - any change to the file means a different MD5 hash, so you can check that what you've downloaded matches what you expected to download - at least the software should do this internally) but there are still a large number of companies that do NOT use MD5 hashing, secure connections or anything else - which I personally find to be a HUGE security hole.

To make things worse, there's already hundreds of programs that let you see what information is being passed back and forth between your computer and , which means anyone malicious can monitor the (legitimate) traffic on their own PC, deduce how it works and then substitute their own.

So I let anything notify me of new updates but if possible, I install them myself unless I trust the security used by the software company as well as the company itself - They may not be malicious but it doesn't always mean they're competent.

Posted by: Simon at May 2, 2008 9:16 AM
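The hash check described in the comment above, as an added example that is not part of the original comment or any vendor's updater: it compares a download against an expected digest and size, and shows that the check only helps when the expected value arrives over an authenticated channel. It uses SHA-256 rather than MD5; the manifest layout, function names and sample payloads are assumptions constructed for illustration.

```python
import hashlib
import hmac
import io

# Assumed policy: only these digest algorithms are accepted; MD5 and SHA-1 are refused.
ALLOWED_ALGORITHMS = {"sha256", "sha512"}

class UpdateRejected(Exception):
    """Raised when a downloaded update must not be installed."""

def verify_update(stream, expected, chunk_size=64 * 1024):
    """Check a download against a manifest entry {"algorithm", "digest", "size"}."""
    algorithm = expected["algorithm"].lower()
    if algorithm not in ALLOWED_ALGORITHMS:
        raise UpdateRejected(f"digest algorithm {algorithm!r} not accepted")
    hasher = hashlib.new(algorithm)
    total = 0
    while chunk := stream.read(chunk_size):
        total += len(chunk)
        if total > expected["size"]:  # stop early on an oversized download
            raise UpdateRejected("download larger than manifest size")
        hasher.update(chunk)
    if total != expected["size"]:
        raise UpdateRejected("download smaller than manifest size")
    # Constant-time comparison of the hex digests.
    if not hmac.compare_digest(hasher.hexdigest(), expected["digest"].lower()):
        raise UpdateRejected("digest mismatch")
    return total

def is_installable(payload, expected):
    """True only if the payload passes every check in verify_update."""
    try:
        verify_update(io.BytesIO(payload), expected)
        return True
    except UpdateRejected:
        return False

def manifest_entry(payload, algorithm="sha256"):
    """Build a manifest entry for a payload (what the publisher would do)."""
    digest = hashlib.new(algorithm, payload).hexdigest()
    return {"algorithm": algorithm, "digest": digest, "size": len(payload)}

# Constructed sample data, not real update files.
GENUINE = b"constructed genuine update payload v1.2"
SUBSTITUTED = b"constructed substituted payload v1.2-xx"
# Entry obtained over an authenticated channel: the substituted file fails it.
TRUSTED = manifest_entry(GENUINE)
# Checksum served beside the file on the same unauthenticated channel: whoever
# swapped the file also controls this value, so the substituted file passes.
SAME_CHANNEL = manifest_entry(SUBSTITUTED)
```
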

Automatic updates, in our point of view, are not good things to us. It means giving way to Genuine programs to intrude in our machines, informing us that we are using malicious software. That's why keep automatic updates closed.

Posted by: abdelrahimsagr at July 18, 2008 11:47 PM

I have Automatic Updates enabled and like the feature, except for one irritating behavior. Some updates require a restart to take effect. I understand that, but I don't understand why Microsoft insists on doing the restart without permission. They give a brief notice and then do the restart. Several times, I've been working on something and have been called away from the computer momentarily. I know I should save before leaving, but I don't always remember. I hate it when I return to discover that the computer has automatically rebooted and I've lost what I was working on. Is there any way to disable this behavior and give me the notice so I can initiate the reboot when I'm ready for it?

The way to deal with this is to have Automatic Updates set to notify you but NOT install automatically. That way you can choose when to install the updates that are available and handle any possibly required reboots.
- Leo
20-Nov-2008

Posted by: Bill Nelson at November 18, 2008 10:57 PM

I have most of my apps set to update automatically where possible, except for Windows Update. That I have set to download and notify - but even when I select to Install it still downloads all the selected updates!
And they wonder why people hate Microsoft?

Posted by: thenudehamster at February 24, 2011 10:49 AM

I have to disagree with you, just out of personal experience. Though I will acknowledge that updates are one of the surest ways to keep your machine safe. That's technology for you.
I bought an HP G62 series laptop last December and since February of this year I have had to restore it to factory settings several times because of these wonderful updates, which, after a time, make the computer freeze irreparably...
I can only assume that that's what causes my computer to overheat and in general act like a piece of worthless crap, since after restoring it I no longer have any personal programs. Nor do I visit sites or download content that would give me a virus (unless all of a sudden Facebook is a virus-ridden wasteland).
I've lost a lot of irreplaceable work and photos, and since I never know exactly when this piece of crap is going to go on strike, I can never prepare for it without losing a lot of work anyway. At this point I'd be better off with a typewriter, a netbook, or even a Macbook, which I have never owned before.

Posted by: Cami at July 11, 2011 8:20 AM