Update notifications come at various times and in various ways. I'll look at how to best determine which are legit, and what to do if you suspect not.
I am constantly being asked to download updates from the likes of HP, ADOBE, QUICKTIME, in fact just about any software on my machine. Question, how do I know if these are genuine or not somebody with mal intent?
A very good question. We see people being infected with malware regularly because they get a pop-up notice that they're infected, when they're not. What's to say that the same scenario won't work when it comes to software updates?
In short: well, nothing really.
Nothing, that is, except understanding what to expect, what looks fishy, and what is clearly and obviously bogus.
I wish there were a blanket rule I could quote, or even more consistency across different update mechanisms, but sadly I have neither.
Update notices via email are nothing new. I know I regularly get notifications from various software vendors promoting the latest version of their software. Those may well be legitimate.
But I still won't click their link.
Email is simply too easily forged. That link you think came from a vendor you purchased software from may be completely bogus. It may take you to a site that even looks like the vendor's site, but you really have no idea what you're downloading.
Forget the link. Go to the vendor's site yourself.
Here are a few other rules of thumb when it comes to emailed update notifications:
If it's for software you don't have, it's bogus.
If it's an attachment, it's bogus. Vendors learned long ago that attachments simply don't work because so many viruses used them.
If it's for Microsoft, Hotmail, MSN or any other Microsoft-related property, it's almost certainly bogus. Windows Update and Microsoft Update handle what's on your machine, and web sites like Hotmail don't have updates that you would install.
If it's for Apple, Adobe and other software for which you normally get updates via software already installed on your machine, the email's probably bogus. Like Windows Update, the updating software on your machine for these tools is the way updates are distributed.
Over time it's important to simply become familiar with the various ways software updates itself on your machine, and which software packages use what techniques.
My favorite is "check on run" - meaning that when you run a particular program it checks and tells you right then if there's an update available. I wish that more applications used this technique.
If you run iTunes, and iTunes immediately tells you that there's a new version of iTunes available, that's almost certainly legitimate. Similarly if iTunes tells you that there's a new version of QuickTime available, that's almost certainly legitimate as well, since iTunes uses QuickTime.
I also use iTunes and Apple as an example of a scenario that annoys me, since when you run iTunes you're also likely to be told that there's a new version of Safari available. Safari is Apple's web browser and is unrelated to iTunes. The notice turns out to be legitimate, but it's not something you need to take unless you do, indeed, run Safari on your machine.
That definitely makes things more confusing.
But ultimately, update checks that appear when you first run a program, whether for that program or for services related to it, tend to be legitimate and something that over time you'll come to quickly recognize.
Harder to recognize are random popups.
Some software, often software that's more or less continually running on your system or not really an application that you'd use but a service that other applications might use, checks "every so often" for updates. When the check happens and an update is available you're presented with a popup. Fortunately, I'm not seeing these as much as I once was, simply because manufacturers realize that these could be easily mimicked by purveyors of malware.
The only real advice I have to offer here is that over time you'll become familiar with what these popups look like and how they behave. Anything outside of what you're familiar with should be treated with suspicion; typically that means visiting the software manufacturer's website or support offerings and looking for something that confirms an update is expected.
What a number of vendors are doing these days is checking for updates when you log in. The latest Flash updates from Adobe seem to be in this category (though it's also possible that Flash may check when you first run your browser).
While it slows down startup somewhat, it makes a certain amount of sense - at least you're not getting interrupted in the middle of your work for some random update.
Once again, though, this is an area where malware could interfere - though it's less likely since in order to have something like this happen at startup you likely would already have to be infected, and hence there'd be no real need to fool you again.
Depending on your settings, Windows, of course, will provide you with a taskbar notification when new updates are available. Then if they're not already installed you can initiate Windows Update - either via the application on your system or by visiting the Windows Update web site.
Other applications do something similar. Firefox, for example, has a very passive notification window that appears telling you that updates are available and then quietly goes away; the next time you start Firefox you get a more prominent message.
Yes, it does sometimes seem that there's almost always an update of some sort we're being told about. I view this as a good thing in general, since vendors are actively fixing potential vulnerabilities and other problems in their software - I want the latest versions.
Over time you'll learn what to expect from the various vendors for the software on your machine. The key is never to accept what you don't expect. At a minimum if you get a popup or notification that you're not sure of, don't accept it. Updates are rarely, if ever, mandatory. You always have the option of declining the update, and doing some research before electing to accept it the next time it comes around.
And of course always make sure that your machine is up to date with the latest system patches and anti-malware tools and databases.
Yes, that is somewhat ironic, since some of the very update notices we've been discussing might relate to those very programs.
That's why it's important to have some familiarity and know what to expect.
I do expect that malware creators will attempt to fool you by exploiting these paths more in the future.