A Windows Update broke my computer. Should I turn updates off?
Cyber security and resilience Learning Centre

A Windows Update Broke My Computer. Should I Turn Updates Off?

Regular Windows Updates are proven to be in your best interests.

NO! Please don’t do that. While it is true that Windows Updates can cause the occasional issue, the vast majority fix a multitude of sins and close security holes that have been identified as a threat to your PC or laptops security. On balance, leaving Windows Updates on and doing them regularly is hugely in your best interests.

Don’t forget Office updates. Microsoft Office is usually updated when you updated Windows and it is important for security that you do. Make sure that “Receive updates for other Microsoft Products when you update Windows” is enabled in Windows Updates Advanced Options.

Not just Microsoft

Adobe’s ubiquitous Acrobat and Reader software is frequently exploited, and in fairness, to Adobe they frequently patch the “holes” in the security of their software (although not as frequently as we might like). Many, many of us use Adobe software and yet it falls outside the scope of Windows Updates, is often neglected and therefore it comes as no surprise to IT professionals that hackers frequently look to “weaponise” Adobe formats. Regular updating of Adobe Reader, Adobe Flash and other Adobe products is highly recommended. There is actually a very good argument for disabling Adobe Flash entirely.

Old software

Many organisations use software that is no longer supported or updated, and this can be dangerous. Trying to stay on top of updates for current software is challenging enough, without using software that has been abandoned by the vendor. Obvious examples of software we see in this category are

  • Windows 7
  • Windows XP (yes we still see it)
  • Office 2007 (don’t forget that Office 2010 goes out of support in Oct 2020)
  • Windows Server 2008 / 2008R2 / Small Business Server
  • Windows Server 2003 or earlier (yes we still see it)

Surely you are overstating the risk?

The NHS and many other organisations maybe thought the risk was negligible or manageable before they got hit with Ransomware with devasting results a couple of years ago. Microsoft, Adobe and other vendors invest an enormous amount of time and money developing and releasing security and stability patches for their software. They wouldn’t do this if there wasn’t a very good reason for it. A vulnerability in software can be like a “hot knife through butter”, bypassing controls and security to infect your computer. Under the UK Governments Cyber Essentials criteria, patching is seen as a critical component of your protection against the “nasties” constantly being developed by cyber criminals.

PS – Dont forget your website

While this article is focused on PC’s and laptops, leaving a WordPress or Joomla website without having the components, plugins and database regularly updated is simply asking for trouble .. not to mention potentially infecting your customers and prospects computers. Now that would be embarrassing!


Ready to talk IT?