Unless you have been on Point Nemo for the weekend, you are probably aware of the biggest ransomware outbreak in history: WannaCry. Like any other ransomware, WannaCry could have been avoided by adopting two simple best practices:

  1. Keep your operating systems up-to-date
  2. Take backups regularly

IT professionals have always recommended these best practices. However, there is an increasing number of people who justifies disabling automatic updates. I call these people anti-updaters.

Anti-updaters are particularly active among Windows users. They usually claim that Windows Update’s interruptions are impairing their productivity.

We’ve got an update for you

While I understand that Windows Update can be annoying, its interruptions do not justify turning it off. For instance, Microsoft released the critical MS-17-010 patch that addresses the vulnerabilities exploited by WannaCry two months ago. This means that the PCs infected by the ransomware were at least two months behind with patches. Automatic updates would have prevented many of these infections.

I tried to argue with an anti-updater. I suggested that her tutorial for turning automatic updates off on Windows 10 fosters an irresponsible behaviour. The following is an extract from the conversation1:

To me, this way of arguing is problematic, as it spreads misinformation about automatic updates. Like scientists are fighting against anti-vaxxers, I believe it is time for IT professionals to fight against anti-updaters.

We may not have seen the full extent of the WannaCry attack, as the ransomware may spread again when people go back to work on Monday morning and turn their PCs on. Perhaps individuals and organisations will learn the lesson this time. Nevertheless, I hope you will join me in this campaign to stop people from disabling automatic updates, regardless if they are techies or not.

Footnotes

  1. You can read the whole thread on Twitter by following each reply

About Alessandro

I am a senior information technology advisor, researcher, and Ph.D. If you liked this article, feel free to share it and follow me.