Update Vaccinates your PC against Ransomwares

After recent ransomware incidents, I received several messages from users who are super worry about current incidents and about futures malwares. I tell them one thing, you don’t need to be super-duper computer expert to protect yourself, the only thing you need to do is to update your PC and Anti-Malware software and nowadays, it is as easy as stay connected to internet and you will get the latest updates. For example in Windows 10, when you have default setting, you just have to connect to internet and Windows will protect you by updating Windows and Windows Defender automatically. If you have any other Anti-Malware software, normally it also get updated automatically. PC which have been infected with ransomware and are getting infected right now, are facing this problem, because they are not update. Update act like vaccinate for malwares and update could detect and remove them. If you really care about security and protecting yourself against malwares and ransomwares, they make sure update Windows, Anti-Malware software and everything.

In general, security researchers all over the world, are trying to find new threats and find ways to detect and remove them and if there are other malwares similar to the one which has been detected, they create ways to detect unknown but similar malwares. They effort on detecting and removing these malwares are being released as definition updates through update mechanism. In the other world, security engineers in Windows team also research about new and unknown threats and vulnerabilities in Windows and attempt to fix and protect these vulnerabilities and mitigate possible vulnerabilities in future and they release security fix through Windows Update.



What’s New in Windows 10 Update?

Windows Update has been around for many years and it is there to protect Windows and improve its functionalities, performance and fix problems. In Windows XP, update was installed automatically, you could turn on or turn off Windows Update. However in order to check History of Installed Update and for some advance update settings you have to open Internet Explorer and install ActiveX and then you have ability to check History and Settings. There were some issues with this design, for example if for some reason, Internet Explorer didn’t work, user was unable to see update History and when it comes to troubleshooting, and they have to check issues with Internet Explorer, ActiveX and Windows Update itself. Windows Update installation was separate from Internet Explorer and it was a notification to display update status and installation. In Windows Vista, Windows Update improves, you don’t need to worry about Internet Explorer or browser or ActiveX to check Update History. All settings related to Windows Update were under an application known as Windows Update inside Control Panel and you could manage, check for History and so on. Same design implemented for Windows 7, Windows 8 and Windows 8.1 too. In Windows 10, it place under Settings, the idea is the similar to the one in Windows 8.1 but the design has changed and it is well-fitted for different screen and support for touch. People who have been using Windows 7 in touch screen devices, they had difficulty to use Control Panel in Windows, mostly due to small icons and bottoms which make it hard to press. This issue has been resolved in Windows 10 in Settings, with a simple design and friendly for Mouse and Touch users.

There are new changes in term of Update settings and delivery of updates in Windows 10. Unlike previous version of Windows, you are not able to disable Windows Update directly using settings. In other word, all Windows Updates will check and download updates, you could change setting in way to install automatically or schedule restart. In previous version of Windows you face two categories of update one is Important updates which they download and install automatically and the other is Optional updates when you should select, download and install it manually. The problem was most users weren’t care about optional updates and they might never check Windows Update. Optional updates usually contains bug fix and updates to improve performance and reliability or update for new drivers. Installing them would bring better experience for users but they are optional. In Windows 10 all updates (Important and Optional) download and installed automatically so you don’t have option to select which one should be installed. In general it is a good design because to have a best possible experience with Windows, it is always recommended to install all updates. In some cases, out of date drivers would cause crash when you install new software especially when you play games and you use out of date driver, you might not have a great experience. Updates in general resolving newly discover or under research problems and bugs. For this reason, it is always recommended to update everything. However for some updates like drivers, there might cause error. The reason is there are millions of software and devices and it is not possible to test all of them but it is possible to most of them to make sure they are stable enough for public release through Windows update and if there is a new issue after installing new update, there is a possibility to uninstall it and open support case to ask for help and fix the issue. Therefore the new Windows Update design in Windows 10 brings a greater experience to Windows users. Because all Windows users will get all updates.

For more information about Windows 10 Update, take a look at What is Windows Update?


Dealing with Zero-day Attack

Zero-day attacks are one the biggest challenge in the world of computer security. It occurs when there is a vulnerability (security weakness) in a system and there is no update for it. It happens because those vulnerabilities might discover by cybercriminals first before computer security people. In this case cybercriminals would take advantage of it. In other cases, it discover by computer security people , however they need more time to do research for its solution and do more testing before releasing update. While they are working on it, cybercriminals would discover that vulnerability and take advantage of it against computer users.

There are number of ways to prevent zero-day attacks. One way is by collaboration with all trusted security experts around the world and if anyone discover new vulnerabilities he or she will report it to everyone else and they are working together to fix it and release update. Another way is through researching to prevent future vulnerability, when new vulnerability discovered, they will do research on components that affected and work on building a new system to prevent possible future vulnerabilities to occur in future. However, there could be cases that there is discovered vulnerability and it is still under research or testing before update by computer security experts, however cybercriminals discover and take advantage of it. In this case, companies would release security advisories. In security advisory, they briefly explain about the vulnerability and purpose solution to fix it while they are working on the final update. The fix might have some side effect or if it release as update cause errors and other problems, therefore while it is being test, you could perform manual fix while waiting for update. In Microsoft all security advisories will post on Microsoft Security Advisories website. Another approach to deal will zero-days is through Anti-Malware signatures. While a zero-day vulnerability is being research and update is being test, an Anti-Malware update would release to Anti-Malware products and if those vulnerabilities exploit, your Anti-Malware product would detect it as threat and remove it. When there is an advisory and research for a zero-day vulnerability is under progress, your Anti-Malware software could protect you while you are waiting for update to resolve the vulnerability. Release update through Anti-Malware is the fastest way, because it has the less side effect on your software than actual update.

When there is a new advisory make sure to know about the actions and prepare to install the update as soon as it been release (it will announce in advisory website). Meanwhile, make sure update your Anti-Malware product to protect yourself against known zero-days. There is a worst case scenario that a vulnerability discovered by cybercriminals but it is not known to security experts. If you face any vulnerability that is unknown to security experts, please report it to Microsoft Security Response Center.

Why we need update?

In computer security, we always ask users to update Windows, Anti-Virus, Anti-Spyware and all other software and applications that they have. Update is not only resolving security problems but also it will help software to work better and more reliable. First, let me explain why we need update. The reason for update is that technology is keeping improving and new thing are discover, in the other hand user might use software in several different way and use many different applications. For example you just ask to name all of applications and software that are in the software world. I could say they are uncountable, and people are building more and newest Software and application. Also Windows itself is a big world; you could use it in many different ways. Sometimes new ways might discover that someone use it and access your PC unauthorized and without your permission, it called vulnerability. It is present in all Operating System including Windows, Linux, Mac OS, Solaris and others. Researchers will work on Operating System to find a Vulnerability or Security bug and then resolve it. The good thing is that most of Vulnerabilities are discovered by researchers and good guys and before bad guys find it, they would resolve. I said resolve, how they resolve it is update, when you do update from user viewpoint, you will see update downloading and installing and might ask you to restart your Operating System. But what really happen is that your system would protect against newest way to hack it. In top level researcher will discuss about new types of attacks and ways to defend it and bad guys look for new ways to damage you. What is in user level is that keep your system update. Update is like upgrade of your weapon. Many years ago people use sword and bow in wars. Nowadays people use gun in wars. Due to developing technology new weapon innovated. If you do not update your System, it is like that you have sword and you try to fight with enemy that have gun. You will fail; update will change your sword with gun in your system. However, the sword and gun example are just to make it more understandable for you. In computer security we are help users to defend themselves and protect against bad guys not go in war with someone. Update will help your system to have latest defend method against latest attacks. It also helps to make your system more usable and resolve many problems. Manufactures of software are always in research to make their system more secure and reliable, but in order to give service to you they will use update. Due to time and speed of development of technology , new bugs and problem might be discover, they are not come with Operating System or software but due to different factor they would discover. And they would find a way to debug or resolve problem or vulnerability. But they design and write a code to do that and they will give it to you using update. In Anti-Virus products they will do research to discover new Malware and new risk and then find a way to stop them and the solution will create as something we call as patch which is apply by update. In order to stop hackers and stop Malware (Virus, Worm, Trojan, Spyware) and have better experience as user make sure you are update. Hackers love systems that are NOT getting update, because out-of-date software is easier to hack. As I said in example, hacker will use gun to war with users that only have sword. One of the reasons that I always encourage user that do not use pirate software (non-genuine) is that they won’t get any update. I have seen non-genuine software that show they are updating and show they are installing and downloading patches. Don’t trick with them, their updates are fake and not real. Make sure your Windows, Anti-Virus and all of your software are getting update and are protected in order to be more safe and secure and be protecting against hackers.