Why It Is Important to Update

A Public Service Announcement from the Guru.

I am not just talking about Firefox, but more importantly your browser plugins (Flash, JAVA, QuickTime, etc) and yes even those Windows Updates too. The below two articles are from a colleague’s blog Grand Stream Dreams and describes what happens when users continue to use out-dated browsers with out-dated plug-ins. A good lesson here too is don’t be fooled by those security alert warnings advertisements aka scareware. Some folks may find these posts a bit technical, but they do show the amount of the time and work that is involved in fixing an infected system. An infection that could’ve been prevented had the user updated their browser, plug-ins and OS. While I recommend reading the entire posts, do read the bottom third of each as Claus gives a summary of what happened and why.

  1. Skirmish 1: A Rouge Security Software battle
  2. Skirmish 2: A Rouge Security Software battle

The most common reason users are not updating their plugins is they simply don’t know and can be difficult. Browser updates they are aware of, as Mozilla does a very good job of notifying users. Even better are Google Chrome updates which by default are automatic. Microsoft does a good job (yes, for once I am giving praise to Microsoft) with the Windows Updates (which also includes updates for Internet Exploiter). However. JAVA, Flash, QuickTime and others not so much.

Mozilla does do an automatic plug-in check each time users update to a newer version of Firefox. Because of this update is how I learned I was running an out-dated version of Flash on my Vista system. Users can also do a manual check anytime by going to Mozilla’s Plug-in Checker page. This functionality is suppose to be integrated in to Firefox 6. It’s a start at least, but the problem I have with this is the link will only be on the plug-ins tab of the add-ons manager. From my experience not many users go into the plug-ins tab much less into the add-ons manager itself. But again, it is a start.

One the most common things I see at Go Firefox! is people saying they don’t want to go from Firefox 3.6 or 4.0 to 5.0, because the previous version works for them and it is not broken. Staying on 3.6 is fine for now, but there is going to be time soon that Mozilla is going to stop supporting 3.6.x. Mozilla already ended support for 4.0 with the release of Firefox 5.0 last week.The bulk of the changes to Firefox 5.0 were security and stability fixes. There were only a few new features included and most of those were ‘under the hood’ performance improvements. Overall there were no core changes between Firefox 4.0 and 5.0. The only reason people are having problems with their add-ons is the developers neglected to modify their add-ons maximum supported version. May be they didn’t take Mozilla seriously enough when it was announced Firefox 5 would be released on June 21, 2011 (who can blame them after the months of postponements with the release of Firefox 4). This should become less of a problem in the future as developers know now that Mozilla will release a new version of Firefox every six-weeks (though Firefox 5 was released two-weeks earlier as development had started earlier) from July 5th, 2011.

While it may not be ‘broke’ in that it doesn’t work anymore, it is broke in that there are stability issue and security holes which hackers are going to take advantage of. While the numbering change may make users think that there will be a major Firefox release every six weeks, this is not the case. Firefox 4.0, 5.0, 6.0 and 7.0 are all the same core browser and user-interface.There may be some minor changes and a couple new features in each release, but overall it is the same browser. Plus, as I mentioned earlier by updating to a new version, users are going to made aware of out-dated plug-ins on the first run of the updated browser.

I like that Mozilla is bumping each release up by a whole number, this going to make it easier for users to know which version is the current. Even I get confused after awhile with Firefox 3.6 which version is the current (for the record, 3.6.18 is the most current). There are still people on Firefox 3.5, who think they are running 3.6 as the number so similar to each other. Then there are those people who don’t really pay attention to the full version number, they see they are running Firefox 3.6 but don’t pay attention to that last number. I’ve run into cases where the user is running something like Firefox 3.6.9 from back in September last year. They just saw that it was Firefox 3.6 and assumed they were good.

Bottom line, It may seem like all these updates are pain and time consuming. However, it beats having your system infected then having to spend hours upon hours trying to get it working again. Or shell out money to have a technician fix your system, which likely means  doing a complete restore and losing all your data. Makes those 30-minutes a week doing updates not seem so bad.