Patching and Upgrades
Your computer won't survive on the Internet for long unless you keep Windows, other software like Word, Acrobat, etc., and your defensive software -- firewall, antivirus, antispyware -- up to date. And new computers always come with old software. Count on it.
See: [Secunia Software Inspector] [survey says...] [human but hapless]
The new "Microsoft Update" does everything that Windows Update does and more. In addition to updating Windows, it also patches other common Microsoft software. It's time to make the switch. Microsoft Update requires IE6 or IE7.
http://update.microsoft.com/microsoftupdate/
http://cybercoyote.org/url/182.html -- instructions
You'll need to update Windows XP to SP2 before you can install other updates. Let SP2 turn automatic updates on, or at least turn notification on. You can no longer be secure if you do not patch Windows, and it's too risky to count on doing it yourself.
Sometimes updates or upgrades just don't work out. It's best to back up your system, or at least your documents before you update. What would you do if you ended up with a computer that won't start?
3rd Party patch/update services
Update: Secunia now offers a [free] "Personal Software Inspector" (PSI). Use it to scan all the installed applications on your PC to find out which programs have important updated or are missing security patches. It is very thorough and gives you great info to help you find the updates that you need. You do need to download and install the Secunia PSI, but it's well worth the trouble.
Secunia has a very thorough Software Inspector online, which scans your PC to see if Windows and your other internet-facing software are fully patched. You'll find a list of the applications there that Software Inspector scans.
SANS Institute has very comprehensive information on security threats and solutions, including updates and patches.
Update notifications
Microsoft (or any other sensible organization) never distributes software updates via e-mail. Always go directly to their Web site to get the updates. If you get a message that purports to be a security update from Microsoft it is bogus. Just delete it!
Microsoft does deliver update notices for Windows, Internet Explorer, Outlook Express and other programs. You can sign up for these (technical) notices with just your email address. ["How to Tell If a Microsoft Security-Related Message Is Genuine"]
Microsoft provides lots of update information at their new security site. Also, follow the links at that page to "Security Updates" and then (probably at the next page) to "E-mail Updates".
The SANS Institute has very comprehensive information on security threats and solutions, including updates and patches.
- • attack vectors
- deception the #1 threat
- phishing #1 deception
- poisoned websites
- poisoned email
- email attachments
- downloads
- spam (scams and phishing)
- hackers and worms
- popup warnings
- • malicious content
- spyware
- viruses and worms
- trojans
- • backup is security job one
- • develop your "web smarts"
- don't get hooked
- guard against spyware
- be careful with email
- fear attachments
- surf safely
- • tighten security settings
- windows
- browsers
- email clients
- • defense tools and software
- firewalls
- hardware firewalls
- anti-virus
- anti-spyware/-malware
- all-purpose security suites
- • patch and upgrade software
- • bonus: double your security
- • test your protection
- • protect your privacy
- • WiFi security