Keep Your Device’s Operating System and Applications Up to Date

The Bottom Line

Threat actors can exploit vulnerabilities in your device’s operating system (OS) and applications (apps) to conduct a variety of malicious activities if you don’t regularly install updates.

The Problem

We rely on our device’s OS and apps for everything from checking the weather and streaming music to monitoring email and identifying the fastest route to the doctor’s office.

Sometimes, threat actors find vulnerabilities in these operating systems and apps, which they exploit for malicious purposes such as spreading malware or exfiltrating data.

Developers of operating systems and apps are constantly creating patches to fix known vulnerabilities. These patches become available through OS and app updates.

If you don’t install these updates, you leave yourself exposed to these vulnerabilities.

Despite the temptation to delay them, it is vital you install software updates regularly for enhanced functionality and security.

The Solution

Routinely update the OS and apps on all your devices.

• Enable automatic updates for your OS and apps when available.
• For operating systems and apps without automatic updates, designate a time in your schedule to manually check for and install updates.
• Ensure that you install your updates from official sources, such as your device’s standard OS update feature or a trusted app store. Exercise caution if you are prompted to install an update through a browser pop-up or email, as these may be phishing attempts.

Below are guides from popular developers that will show you how to manually and/or automatically update your OS and apps:

Windows OS

• In Windows OS, automatic updates for your computer should be enabled by default. Here is how to verify: Manage updates in Windows - Microsoft Support.
• You can also set “active hours” to schedule updates and restarts at times when you’re not using your computer: Get updates when you're away from your PC with active hours in Windows - Microsoft Support.
• To automatically install updates to apps downloaded from Microsoft Store, see Turn on automatic app updates - Microsoft Support.

macOS

• For instructions on how to manually or automatically update macOS software and apps downloaded from the Apple App Store, see Keep your Mac up to date - Apple Support (BW).

iOS

• To manually or automatically update your iOS software, see Update your iPhone or iPad - Apple Support (BW).
• To manually update apps on your Apple device, see How to manually update apps on your Apple device - Apple Support.

Android

• To update your Android’s OS, see Check and update your Android version - Android Help (google.com).
• To update the Play Store and apps on Android, see How to update the Play Store & apps on Android - Google Play Help.

If a developer no longer issues security updates for your OS or app, consider finding a replacement.

• If your OS is no longer supported, you should upgrade to the newest available version (e.g., upgrading from Windows 7 to 11).
• For applications, you should find a comparable product that provides routine security updates.

Takeaways

Do

• Enable automatic updates, If available.
• For operating systems and apps without automatic updates, designate a time each week to manually check for and install updates.
• Upgrade to the newest available OS if yours is no longer supported.
• Find replacements for apps if the developer does not provide regular security updates.

Do Not

• Continue using an OS or app if the developer no longer issues security updates.

Project Upskill is a product of the Joint Cyber Defense Collaborative.  

• Module 1: Basic Cybersecurity for Personal Computers and Mobile Devices
  • Topic 1.0: Implement User Account Control to Protect Your Personal Computer