Rummaging around online, I came across a blogger who had not installed a single XP update since SP2 – that means all the security vulnerabilities that MS has patched since SP2 in 2004, not to mention all the functional fixes, have been ignored.
If XP is treated in such a blindly irresponsible, cavalier, fashion, what about anti-virus software. Is that up to date? Does it actually exist? Let’s assume that, given the shambles that the XP installation may well be by now, that there is no a-v installed – it seems a reasonable assumption – then that blog is possibly a veritable plague zone, and a hazard to anyone who visits it. I’m sure as hell not going to.
I honestly don’t know if that’s a real problem or not, but as I see it, it’s possible to upload a virus with a blog post, at least in theory. Whether WordPress operates an a-v system to protect against this, I can’t say, but I’m sure they do, though no system, I believe, is 100% secure. The only way to achieve 100% security is not to be online.
The thing is, though, if you have a standalone PC that never goes online, then it doesn’t matter that you can’t be bothered with updates to your OS (you couldn’t get them anyway), you don’t need a security system, and you’re unlikely to experience many problems. However, I doubt that many machines like that exist these days, except maybe as closed workplace intranets with no access to the outside world, for security purposes.
Most computers are online, though, if it’s only to browse the Net, and send email, and even for such modest activity, ignoring updates, especially security updates, for almost 5 years is just criminal. Not only does it put your machine at serious risk (especially if anti-virus is treated as casually as the OS), it puts at risk everybody who interacts with you, because if you’re dumb enough to treat your machine so badly, you’re sure as hell dumb enough to open virus-laden email attachments.
A computer like that is likely to be a plague zone, exporting viruses with every email (not to mention viruses exporting themselves in the background). It’s certainly possible, if the user has a website, that web pages s/he creates and uploads may well include viruses, so it seems logical to me that there’s a risk with blog posts too, even though they’re created online (at least the are for hosted services like WordPress.com, I don’t know about self-hosted blogs), but still using an at-risk computer. I don’t know how serious the risk is or, as I said how well blog hosts protect against the uploading of viruses. I suspect virus scanning is rigorous – the risks if it were not a stupendous.
A computer user, like me, let’s say, who spends a huge amount of time online, sends and receives a lot of emails, visits a load of websites and posts to a blog as well as uploading web pages, isn’t just short-sighted if he doesn’t keep his OS updated and secure, and his a-v up to date, not to mention his firewall and anti-spyware/malware apps, he’s guilty of criminal neglect, and puts at risk everyone with whom he interacts online.
There’s no excuse – XP updates are delivered automatically to your computer (I’m only concerned with Windows here, as the major OS), you don’t even need to get involved unless you want to (personally, I check every item first, before they get the go-ahead to install, not least because I don’t want SP3 or WMP 11** slipping in unnoticed), and a-v apps update themselves automatically, too – assuming you’ve had the sense to install one.
**The former is iffy, the latter just horrible.
There’s a critical update on the way for Firefox 3 next week, incidentally . That’s already available, by the way, if you check for updates manually.
The same applies to other software. You should always check for software updates periodically (the update link usually lives in Help), just to ensure you’re running the best version available (in theory, but that’s a can of worms I’m not getting into here), and in the case of software that you use online that’s absolutely vital to ensure you have the most secure version. You have an obligation to others, not just to yourself.
The bottom line – if you’re not prepared keep your OS up to date, at least as far as security is concerned, and install and keep up to date anti-virus software, then please – stay the hell off-line.