A co-worker of mine sent me this article this morning, since we both have iPhones. He has an iPhone 4 running iOS 4, while I have an “old” (18 months is ancient!) 3G, running iOS 3 something. Here’s an example of when upgrading to the latest an greatest may not be in your best interest. This bypass works on his phone, but not on mine. I know as a security analyst we are all about applying the latest patches as soon as possible, upgrading to the latest OS as soon as possible (maybe), etc.
There’s a by now age-old debate about whether it is best to apply these immediately or not. You have to consider every update in the context of your own situation. I tend towards a middle of the road approach. In a corporate environment, I don’t think it is always a good idea to apply patches immediately. Although they have gotten much better in the last few years and blue screens have become much rarer to see, many companies still have tons of legacy software that has been written in-house and may react strangely with new patches. Companies need time to properly test and re-certify new updates.
Look at the McAfee DAT file update that McAfee admitted they didn’t fully test before it was released worldwide back in April 2010. Companies that were set to download the latest DAT files from McAfee and apply them immediately were crippled, and in some cases it took thousands of man hours to recover. Those companies who elected to wait and test new DAT files escaped a massive loss of productivity.
On the other hand, would I recommend applying Microsoft patches to a home machine like my parents’? Definitely! As I said, when it comes to the timing of applying new updates you need to consider your environment.
January 23rd, 2011 - 6:15 am
I will from applying Microsoft patches to a home machine. Thank you