Are Software Updates Useless Against Advanced Persistent Threats?

06/12/2023

∙

A dilemma worth Shakespeare's Hamlet is increasingly haunting companies and security researchers: “to update or not to update, this is the question“. From the perspective of recommended common practices by software vendors the answer is unambiguous: you should keep your software up-to-date. But is common sense always good sense? We argue it is not.

READ FULL TEXT

Are Software Updates Useless Against Advanced Persistent Threats?

Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats

Security, Availability, and Multiple Information Sources: Exploring Update Behavior of System Administrators

Making Secure Software Insecure without Changing Its Code: The Possibilities and Impacts of Attacks on the DevOps Pipeline

Toward Identification and Characterization of IoT Software Update Practices

MLinter: Learning Coding Practices from Examples-Dream or Reality?

An STPA-based Approach for Systematic Security Analysis of In-vehicle Diagnostic and Software Update Systems

Quantifying Users' Beliefs about Software Updates

Are Software Updates Useless Against Advanced Persistent Threats?

Related Research

Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats

Security, Availability, and Multiple Information Sources: Exploring Update Behavior of System Administrators

Making Secure Software Insecure without Changing Its Code: The Possibilities and Impacts of Attacks on the DevOps Pipeline

Toward Identification and Characterization of IoT Software Update Practices

MLinter: Learning Coding Practices from Examples-Dream or Reality?

An STPA-based Approach for Systematic Security Analysis of In-vehicle Diagnostic and Software Update Systems

Quantifying Users' Beliefs about Software Updates