|Should you install software updates and patches immediately? What's your hurry?
What's the right approach to installing software updates and patches? Should you install them immediately? Should you wait? What's the right approach?
The standard advice regarding software updates
Software companies and computer experts usually tell you:
While I certainly agree, the standard advice has some subtle implications and assumptions:
- It's important to install updates.
- You will benefit from the new features, bug fixes, security updates, etc. that these updates deliver.
One potential risk of following the standard advice
- Install all updates as soon as you possibly can.
- Newer is always better.
Testing software (and software updates) to make sure they work properly is complicated. Some companies don't test as thoroughly as they should, some don't think that software testing matters at all, and even the most thorough testing can't cover every possible scenario. This means that some of the time you and I will end up being unpaid software testers.
As a result of this, software updates sometimes cause more problems than they fix. On the other hand, once enough people report those problems, most companies then issue additional updates to fix them, but by then hundreds or thousands of people may have been adversely affected.
I recommend taking a very simple approach that will help you avoid this issue most of the time.
So, what should you do?
Here's my advice: Unless there's a very compelling or urgent reason, don't install software updates as soon as they are released.
Instead, look at each update. If it was released today, or even within the past week, don't install it right now. Let it "mature" or "ripen," i.e., let other people try it out and discover if there are problems.
On the other hand, if the update is older than a week or two, the chances are good that other people have tried it successfully, so go ahead and install it.
Feel free to pick your own time threshold. If one week seems too short a time to you, go with two weeks or even three. Just to be prudent, I would not choose longer than a month.
I think that this is a reasonable compromise between taking all software updates immediately (whether manually or automatically) and never installing any of them.
As always, there are some finer points to my "let your updates ripen" approach:
Seriously? Who would bother to go to this level of effort?
- Minor system-level software updates: To help with this, wherever possible set your computer (or smartphone or tablet) to check for updates and notify you, but not to automatically install them. You would then choose to install or postpone based on how recently the update was released.
- Major system-level software upgrades: I never recommend upgrading from one major version of system software to another without first carefully understanding the consequences, waiting a reasonable amount of time after the initial release for problems to be found and fixed, and thoroughly backing up your computer or smartphone or tablet beforehand. Never rush into a major upgrade! Examples include upgrading from Windows 7 to Windows 8 or 10, Mac OS X 10.6 to 10.7 or later, and iPhones/iPads to iOS 8.
- Individual program updates that usually do display release dates (like Microsoft Office, WordPress framework and Plugins, etc.): Just as above, you would install or postpone based on the release date.
- Individual program updates that usually don't display release dates (like Adobe Flash, Adobe Reader, Google Chrome, Firefox, Java, etc.): I normally just install these as I run across them, but a more careful approach would be to go find the release date (by looking at the software company's website or doing a google search) and then deciding as above.
If making this extra effort around software updates (looking at each update, seeing how old it is, then deciding between installing it or waiting) just sounds ridiculous or exhausting to you, then I can only recommend the following:
Then you should set as many of your updates as you can to install "automatically," and then manually install any others whenever they come up.
- If the small risk of installing a bad update doesn't bother you, and
- You have a good, scheduled backup that you periodically confirm is working correctly
Whatever you decide to do, you should never postpone or avoid updates indefinitely. You are putting your Windows computer, Macintosh, iPhone, iPad, Android, etc. (and all the data you store on them) at risk!
Wouldn't it be great if...
I wish that our computers, smartphones, tablets, etc. could all have a "minimum age for updates" setting that would enable us to tell them "Only install updates that are at least N days or weeks old."
Recent ransomware motivates Microsoft Windows users to install updates
In May 2017 the WCry/WannaCry/WanaCrypt/Wana Decrypt0r ransomware infection started, spreading to hundreds of thousands of Microsoft Windows computers around the world within days, despite an update that Microsoft had released two months earlier that would have made most of those computers completely immune to it. This implies that lots of users were not keeping up with Windows updates. On the upside, the resulting media coverage has prompted many users to catch up on their updates.
Where to go from here
- Rather than taking all software updates immediately (or automatically), I suggest that you wait a reasonable amount of time to install updates until they have had a chance to be tested by other people.
- To help with this, set your computer to check for system updates and notify you, but not to automatically install them.
- If your habit has been to never install updates at all, it's time to start. If this makes you nervous, talk to someone you know and trust and have them teach you how. It's not that difficult!
- http://en.wikipedia.org/wiki/WannaCry_ransomware_attack - More information about this recent ransomware attack affecting Microsoft Windows
How to contact me:
phone: (617) 484-6657
On a regular basis I write about real issues faced by typical computer users. To subscribe to this newsletter, please send an email to firstname.lastname@example.org
and I'll add you to the list, or visit http://www.kadansky.com/newsletter
Did you miss a previous issue? You can find it in my newsletter archive: http://www.kadansky.com/newsletter
Your privacy is important to me. I do not share my newsletter mailing list with anyone else, nor do I rent it out.
Copyright (C) 2017 Kadansky Consulting, Inc. All rights reserved.
I love helping people learn how to use their computers better! Like a "computer driving instructor," I work 1-on-1 with small business owners and individuals to help them find a more productive and successful relationship with their computers and other high-tech gadgets.