I am constantly preaching about the importance of not using outdated software which is not updated with the latest security patches, such as we saw as the basis for the WannaCry ransomware attack which exploited vulnerabilities in the Windows XP operating system, which Micosoft had long ago stopped supporting with security updates.
It is important to update all of your software with security patches as soon as they become available. Equifax has recently confirmed that the vulnerability exploited by hackers in its recent massive data breach was in the Apache Struts software used for developing apps. The specific vulnerability was designated as CVE-2017-5768. The problem is that this vulnerability was first exploited by hackers against Equifax in May while a security patch was made available as shown here this security update in March. https://nvd.nist.gov/vuln/detail/CVE-2017-5638
If Equifax had been prompt in its updating of its Apache Struts software, it could have avoided this data breach.
The lesson is clear. Update all of your software programs as soon as security patches are available and whenever possible, make the updating of security patches automatic so you don’t even have to take any specific action yourself to make sure that you are operating the most safe and secure versions of your software.