Security patches are designed to fix vulnerabilities in the software you use. Basically, they’re mistakes that mean the software can be exploited by hackers or malware. Remember last spring, when the Heartbleed vulnerability in SSL meant web users’ traffic was exposed?
This meant criminals could, in theory, gain access to your passwords, credit card number, and more.
This is why Windows and other programs are constantly asking you to install updates. Pretend you bought a security system for your house, because you need to protect an extremely valuable diamond.
Two years after the system is set up, the company that installed it for you notices a flaw: criminals who clap three times while bouncing on one leg cannot be detected. Generally, the more complex a system is the more likely it is to have vulnerabilities.
In some cases, this still won’t work when the certificate holds multiple names. If none of those names work either, contact your ISP and ask for the correct name of the mail server that you should use.
Another (less secure) alternative would be to disable the use of SSL for your mail account.
So patches are good, but is there any hurry to install them?
You don’t always need to drop everything you’re doing and install patches immediately, but it’s generally a good idea to install them as quickly as possible. Essentially, these are flaws in software that no one knows about – meaning no one has developed a way to stop hackers and malware from taking advantage of them.
If you use any other name, you’ll get this security warning message.
They then usually redirect the old name of the mail server to the new name so you still can access your mail, but the SSL certificate of the new server no longer contains the old name.
The result is that you get this warning dialog and you’ll have to update your account settings for the new server name.
But these and other updates don’t exist just to bug you: they protect you.
And putting them off makes the job of anyone who wants to compromise your system that much easier.