Key takeaways
- Automatic security updates are the default for ordinary personal devices, but recovery still needs preparation.
- Unsupported hardware and software need replacement, isolation, or retirement—not indefinite exposure.
- Verify backups and essential functions after updating instead of judging success by the restart screen.
- Stage updates across critical devices when simultaneous failure would disrupt care, work, or access.
Build an update inventory
List operating systems, browsers, password managers, security software, routers, phones, tablets, smart-home hubs, backup applications, and any device that controls access, health, work, or money. Record version, update channel, support end date, administrator, and recovery method.
A product can still turn on after support ends. The problem is that newly discovered weaknesses may no longer be fixed. Treat support status as part of ownership cost and replacement planning.
Prepare the recovery path
- Run and verify a current backup of files that cannot be recreated.
- Save encryption recovery keys and account recovery codes outside the device.
- Confirm there is enough free space and reliable power.
- Record critical application licenses, VPN or work requirements, and assistive technology.
- Know how to reach vendor recovery or roll back when that is supported.
Use a sensible update order
- 1
Update the backup and security tools needed for recovery.
- 2
Update the router and network infrastructure using the vendor’s official process.
- 3
Update primary computers and phones, one critical device at a time when the household cannot tolerate simultaneous failure.
- 4
Update applications, browsers, extensions, and connected devices.
- 5
Recheck devices that are offline or used only seasonally.
Verify the functions that matter
| Area | Post-update check |
|---|---|
| Access | Screen lock, biometrics, passkeys, password manager, recovery |
| Data | Files open, sync state, backup completes, older version restores |
| Communication | Calls, messages, email, emergency alerts |
| Work or school | VPN, printing, required browser, conferencing |
| Home | Cameras, locks, alarms, thermostat, accessibility devices |
Retire the permanent exceptions
The FTC recommends keeping security software, operating systems, browsers, and phones updated. CISA's Secure Our World guidance likewise recommends installing software updates promptly and enabling automatic updates where available.
For an unsupported device, decide whether it can be replaced, disconnected, isolated without sensitive access, or used offline. Do not let one old printer, camera, or specialist app quietly determine the security posture of every account and device in the home.
Evidence record
Sources and methodology
We used primary public sources for the factual framework, then wrote and structured this guide independently. Links are checked during editorial review and when a guide is substantively updated.
- Are Public Wi-Fi Networks Safe?Federal Trade Commission · Used for: Update and account-security practices
- Securing Your Internet-Connected Devices at HomeFederal Trade Commission · Used for: Connected-device protection and inventory
- Secure Our WorldCybersecurity and Infrastructure Security Agency · Used for: Prompt software updates and automatic-update guidance
This article is general educational information, not individualized financial, medical, legal, tax, cybersecurity, construction, or career advice.