Why do updates break things, and is it worth it?

01.26.22 01:46 PM Comment(s)

Why do updates break things, and is it worth it?

It seems like all our devices are wanting updates all the time! Our computers prompt us to restart when we come into the office or are running late for a meeting. Inevitably we're going to be annoyed by these pop ups at one time or another. But is the nuisance worth it? Why is it that security teams and IT pros are constantly harping that is? 

The world we live in: Production

The reality of the world we live in is that software is often rolled out half-baked and on a deadline. More mature companies do a better job of having well tested software, but many companies don't have the resources to properly vet their software and they're incentivized by their bottom line to get the products and features out quickly. This leads to software in the wild that is insecure and/or glitchy. Because of this many companies are playing catchup with their software and trying to fix things that should have never been released in the first place. This problem can be compounded if they also release a patch that is half-baked and not ready.
The other reality of production is simply that every software has to interact with billions of lines of code in the operating system of the host. Even mature software vendors with great vetting processes often fall short simply because it's impossible to truly test every possibility.

The world we live in: Security

The other reality of the world we live in is security. We live in a day and age with many bad actors incentivized to hack software and deploy malicious payloads into that software. This creates a game of whack-a-mole where the programmers and designers are discovering vulnerabilities in their software and attempting to fix it as fast as they can. Sometimes these security fixes fall into the production issues mentioned above, but regardless the fix must be applied, and sometimes because of the need for speed the fix may cause other issues. 

Is it worth it?

For at least the two reasons above updating can be frustrating when things don't work right, but I would argue it's still well worth it! 

First, it's well worth it because the vulnerabilities that are patched are real and often being actively exploited. This means that if you fail to apply the updates, you will drastically increase your organization's risk. Most of the time criminals and malware are going to use known and patched vulnerabilities to pull off their tricks, only rarely are they sophisticated enough to build their own. 

Second, it's well worth it because it keeps you on the same page with the software vendor. They offer updates and train their staff on the updates, so if you don't update you will not get the best support from that vendor, and they have probably fixed issues in their software that could already solve your problems. 

Updating is important, but it can also be done in an intentional way, that's why we've deployed solutions to help our customers get regular updates in a timely manner.