When a software update is released, it can be a combination of new or enhanced features, and/or any software patches (the fixing of a security vulnerability).

Software updates with new/enhanced features can be welcomed by some users who have been waiting for a certain feature; however, they can be problematic for others, as they don’t need the new features, and the new features often come with a change in the user interface. For example, both my mother & father borrow online books from the local library and read them on their iPads. Both of them dislike getting an update to the library app on the iPad, as it sometimes changes the location of the buttons they need to press to get/read a book, or changes the sequence of things they need to do to open up the library catalog.

Software patches are a different story when compared to software updates. Patches are meant to fix security vulnerabilities – things (essentially things software engineers didn’t initially think of) that could leave your device open to remote access and/or, theft of information, etc. For the security of your device and personal data contained on it, you want to install patches as soon as they become available (e.g., automatically).

On your device (computer, tablet, phone), there are two distinct types of software. Understanding the difference between the two types will help you understand your priorities for software updates and patches.

Operating System

Your computing devices (computer, tablet, phone) typically have one operating system on the device (Windows on a PC computer; macOS on a Mac computer; ioS on an iPad, etc.). The operating system has the most privileged access to your device hardware, and can do many more things to your device than the average piece of application software. As such, if your operating system manufacturer discovers (or is informed of) an operating system software exploit that can be used by a hacker for nefarious purposes, as soon as the manufacturer releases a patch for the exploit, you will want to install it. Having automatic updates for your operating system is highly desirable from a security perspective.

Application Software (Apps)

Application software (often referred to as “apps”) are all those individual pieces of software on your computer, tablet or phone. Web browsers (e.g. Chrome, Safari, Firefox, etc.), productivity software (e.g. Microsoft Office Word, Excel, etc.), games, etc. are all examples. Many companies that provide a website where you can access their services (e.g. banks, weather forecasts, Netflix, Amazon, Facebook, etc.) also have released apps for their services. Apps on smartphones offer the advantage of being appropriately sized for the screen (viewing websites that have not been optimized for viewing on a phone can be challenging); however, sometimes the app doesn’t have (yet) all the features that the web site offers. So, if you are using apps (rather than navigating to a website) you should be updating your apps to patch any security vulnerabilities.

Firmware

Firmware is software that is embedded in a device on a specialized circuit chip. Devices that you can connect to the Internet (e.g. Wi-Fi router, printer, smart doorbell, smart thermostat, smart TV, digital cameras, etc.) contain firmware.

Just like other types of software, security vulnerabilities are discovered and patched by the manufacturer. Devices that lack a screen can’t notify you about a software patch, so when you purchase a device, when you go online to register for the warranty it’s a good idea to also register for “important updates” by email from the manufacturer (you can skip the other promotional marketing material). Also, in the “Settings” choice for each device there is usually a way to manually “check for updates”.

Keeping all your software (operating system, apps, firmware) up-to-date is recommended by Internet security professionals.

Media Attributions

• “Operating system placement (software)” by Golftheman is licensed under a CC BY-SA 3.0 licence.
• “Canon 5D Mark III 1.2.0 Firmware” by Dave Dugdale is licensed under a CC BY-SA 2.0 licence.