Monday, May 17, 2004

Windows Security Patches

The Microsoft Windows Update site provides critical updates, security fixes, software downloads, and other relevant security info.

Simply click the Scan for Updates button. Browse the results list and check off the ones you want to install.

Critical updates will always be in a small group at the top of the results page. Always install those first.

When the download finishes, each update will automatically install itself.

Online Security Tip: - Windows Update will automatically track your security updates. When new patches are online, you'll be directed to the Windows Update page for a new scan.

Note: If you use Microsoft Office products such as Word and Excel, click the top button labeled "Office Update" to install those security updates as well.

Lock down Internet Explorer
Microsoft Internet Explorer needs to be updated regularly to maintain computer security.

All existing versions of Internet Explorer have critical vulnerabilities if they aren't patched.

The vulnerabilities can be categorized into these classes:

Web page or Windows interface spoofing
ActiveX control vulnerabilities
Active scripting vulnerabilities
MIME-type and Content-type misinterpretation
Buffer overflows

These vulnerabilities could lead to disclosure of local files or data, execution of local programs, download and execution of arbitrary code, or complete takeover of your system.



How to secure Internet Explorer

To configure the Security settings for Internet Explorer:

Select Internet Options under the Tools menu.
Select the Security tab
Click Custom Level for the Internet zone.

Most of the flaws in IE are exploited through Active Scripting or ActiveX Controls.

Under Scripting, select Prompt for Allow paste operations via script

This increases computer security by preventing content from being exposed from your clipboard.

Note: Active Scripting should not be disabled since it is used by many websites.


ActiveX Controls are not as popular but are potentially more dangerous as they allow greater access to the system.

Select Prompt for Download signed ActiveX Controls.
Select Disable for Download unsigned ActiveX Controls.
Select Disable for Initialize and script ActiveX Controls not marked as safe.


Java applets typically have more capabilities than scripts.

Under Microsoft VM, select High safety for Java permissions

This puts access barriers around the Java applet and prevents privileged access to your system.

Under Miscellaneous select Disable for Access to data sources across domains

This protects you from cross-site scripting attacks.

Also, make sure you have no un-trusted sites in the Trusted or Local Intranet zones. These zones have weaker security settings than the other zones.

Online Security Tip: These security settings for Internet Explorer will be automatically applied to your other Microsoft applications such as Outlook and Outlook Express.

Create a multi-layered defense
Computer security is all about having multiple lines of defense. After applying the security patches to Windows and fortifying Internet Explorer, you now have a good foundation in place.

Now you need to further increase your online security. Build upon that foundation and create some strong castle walls around your PC.

Here's what you need:

Spam Filters
Antivirus Software
Spyware Removal Software
Personal Firewall Software
Online History Clean
PC Utility Software

Each of these helps to close a security gap; together they provide an interwoven shield of online security.

Later gator...

Links to this post:

Create a Link

<< Home