
February 26, 2008

Spyware Problems - Users Are Only Partially To Blame

Analysis of: Spyware forum: Computer users often to blame for problems | www.computerworld.com
This analysis is solely the work of the author. It has not been edited or endorsed by GLG.
Analysis By: Michael Schiff, Founder and Principal Analyst, MAS Strategies
Implications:
● In a perfect world all users would immediately install any patches or upgrades that would enhance the security of their systems.
● However, many users, especially in home or home office environments, are reluctant to change something that seems to work.
● Of course, in a perfect world software patches and upgrades would not cause problems of their own; unfortunately, this is not always the case and a user who has been burned once may be hesitant about applying new fixes.

Analysis: While spyware is certainly a problem that many computer users underestimate, or fail to take the necessary steps to minimize their exposure to, users are only partially to blame. Many have learned the hard way that the interactions among software programs can't always be completely anticipated and that sometimes a solution to one problem can lead to other problems.

Some users have had the negative experience of upgrading to a new browser, installing a Microsoft update, or upgrading to a new release of anti-virus or anti-spyware software only to soon discover that it has adversely affected the stability of their systems. This is especially true in home or home office environments where users usually don't have an in-house IT team to help them resolve unexpected problems.

In almost all large enterprises, and even in many small-to-medium sized organizations, software changes are first installed in a test environment to see if they cause problems prior to being released to the general user community. In a home or home office environment, many users simply take an "if it ain't broke, don't fix it" attitude and ignore upgrades and fixes.

This was not always the case, but has become more common as vendors like Microsoft have released operating system and browser patches that, in some cases, have created other system problems. Once users discover that, for example, a "fix" has disabled one of their devices or perhaps even curtailed their ability to access the internet, they become extremely cautious and may be reluctant to take chances with other patches or upgrades. Some users have even adopted an informal policy of delaying any patch for at least a week in order to see if any problems have been reported in the press.

Malware creators take advantage of this "user installation latency" to launch attacks as soon as a new area of vulnerability is exposed. The user community is caught in the middle: if they don't install an upgrade or critical patch, they increase their risk of exposure to malware; if they install a patch that has a problem, they can temporarily disable their systems. While some might suggest that more thorough testing is needed prior to releasing a software update or fix, it is almost impossible to test for every possibility. Software vendors need to build a protective wall around their software; malware perpetrators need only discover one loose brick.

Perhaps a reasonable tactic would be for users to take a complete system backup prior to installing a software patch so that they can restore their system to its former state in the event a problem is discovered, and then wait for a new patch to be delivered.
