US-CERT Cyber Security Tip ST04-006 -- Understanding Patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                         Cyber Security Tip ST04-006
                            Understanding Patches

   When vendors become aware of vulnerabilities in their products, they often
   issue patches to fix the problem. Make sure to apply relevant patches to
   your computer as soon as possible so that your system is protected.

What are patches?

   Similar to the way fabric patches are used to repair holes in clothing,
   software patches repair holes in software programs. Patches are updates that
   fix a particular problem or vulnerability within a program. Sometimes,
   instead of just releasing a patch, vendors will release an upgraded version
   of their software, although they may refer to the upgrade as a patch.

How do you find out what patches you need to install?

   When patches are available, vendors usually put them on their websites for
   users to download. It is important to install a patch as soon as possible to
   protect  your  computer from attackers who would take advantage of the
   vulnerability. Attackers may target vulnerabilities for months or even years
   after patches are available. Some software will automatically check for
   updates,  and many vendors offer users the option to receive automatic
   notification of updates through a mailing list. If these automatic options
   are available, we recommend that you take advantage of them. If they are not
   available, check your vendors' websites periodically for updates.

   Make sure that you only download software or patches from websites that you
   trust. Do not trust a link in an email messageâ??attackers have used email
   messages to direct users to malicious websites where users install viruses
   disguised as patches. Also, beware of email messages that claim that they
   have attached the patch to the messageâ??these attachments are often viruses
   (see Using Caution with Email Attachments for more information).
     _________________________________________________________________

   Both the National Cyber Security Alliance and US-CERT have identified this
   topic as one of the top tips for home users.
     _________________________________________________________________

   Author: Mindi McDowell
     _________________________________________________________________

   Produced 2004 by US-CERT, a government organization.

   Note: This tip was previously published and is being re-distributed
   to increase awareness.

   Terms of use

   http//www.us-cert.gov/legal.html

   This document can also be found at

   http//www.us-cert.gov/cas/tips/ST04-006.html

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit http://www.us-cert.gov/cas/signup.html.








-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSl4GJXIHljM+H4irAQJ9AggAh103RIkZKg2+fL7sRowWyepPGu5QOs0V
0oFO+EzSWoZggPAQVAW/eEz95bZnKp2LGjbR0nEVd9ai6LJqsM6/EkWagIxtkpe3
DJ+kzFNZojQNmaC/37MBiz/FisyKwvUoehp/igpvUn25agB0cN7OBHbIcls3zNND
y81F+pRYIloeptOlrztDyMdfuxtVi7etG1ghn23B4QV0UTGKdB7OwHFsw8iuWLWL
cTJrj5jfsBBZsgiMxRirAX8lVw8H/7HFEXLoHtkXRpdk6VZnpTnI/upACtzuy2Su
9B84gZCmtyeV1oXfHsZcjTvlBHaM55BdjRh1G1O8KNJdOGMoCvX03Q==
=vGiE
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux