Install security patches regularly

Last revision October 5, 2009

Security safeguards:
  1. Minimize network presence
  2. Using strong passwords
  3. Install security patches regularly
  4. Backup computer data
  5. Encrypted login
  6. Network firewall
  7. Switched ethernet

All software has "bugs". Even if you correctly configure network services on your computer and use strong passwords, there could be a software defect that still allows a hacker to access your computer. Fortunately, as these bugs are discovered, all the major software vendors implement fixes, normally called security patches, which they make freely available via update mechanisms or on web sites.

Because even a new computer comes with a copy of its operating system and software that is several weeks to months old, you must look for and download security patches as soon as you connect your computer to the Stanford network. The Stanford network self-registration system will perform this task for you automatically.

Microsoft provides a Windows Update service for all supported versions of the Windows operating system. The Stanford self-registration system (or setup by the CRC technicians) will enable the auto-update service. You can check to make sure that auto-update is enabled, or change the time of day, using the Automatic Updates application in the Control Panel. You can also manually check for new updates at this web site:

Apple Computer provides a similar service, called Software Update, that is found in the System Preferences application. Again, the Stanford self-registration will enable this service to check for updates automatically at weekly intervals. You must agree to install the updates when they are found, particularly any that are labelled "Security Updates". You can also check Apple's web site for recent software updates and patches at:

Many software bugs that allow hackers to access your computer are now found in application programs such as your web browser or Adobe Reader or Flash. Most such applications have an "auto-update" feature - make sure it is enabled, and that you install the patches as they are made available.

Unix and Linux vendors also provide patches on their web sites. System managers for those computers should check for patches regularly or sign up for email lists that notify them when new patches are released.

Comments or Questions?