Regular Code Updates Limit Long-term Hacker Opportunities
Short version: Keep your website up to date — the older your CMS (e.g. WordPress, Drupal, etc.) the more time hackers have to reverse engineer and hack it.
Full disclosure and partial sales pitch: Our monthly maintenance plan includes timely updates to your site’s core software, plugins, and themes. It’s not all we do, but as the following article points out there are benefits beyond having the latest features, bells, and whistles.
Full technical version by ace computer security blogger Bruce Schneier here
Security Vulnerabilities of Legacy Code: An interesting research paper documents a “honeymoon effect” when it comes to software and vulnerabilities: attackers are more likely to find vulnerabilities in older and more familiar code. It’s a few years old, but I haven’t seen it before now. The paper is by Sandy Clark, Stefan Frei, Matt Blaze, and Jonathan Smith: “Familiarity Breeds Contempt: The Honeymoon Effect and the Role of Legacy Code in Zero-Day Vulnerabilities,” Annual Computer Security Applications Conference 2010.
Source: Schneier on Security