Important Windows Security warning!
Tech Tips. Vol. 2004 No. 15
|
Security experts recently warned that worms might soon be released to exploit a security hole in Windows 2000 and XP. The last time we heard this much bru-ha-ha about security problems--labeled "high risk" by most experts--was in conjunction with the now-infamous "Blaster" worm. Microsoft has released "critical security updates" to close the holes.
If your computer runs any version of Windows 2000 or XP, you should be concerned. However, if you have your computer set to update itself automatically, you should already have the patch. If not, and you have not installed updates in the past few days, then we *strongly* recommend that you install these updates immediately.
How to get the critical updates
1. If you want to download only the 4 updates that address this particular issue, follow the links below to 4 Microsoft technical bulletins. In the bulletin, scroll down until you find the list of "Affected Software". Find your operating system, and click on the "download the update" link. You'll be directed to a download site; click on "download", select "open" to install the download right away, agree to the license terms, and then follow the directions the download wizard gives you. Remember, you must visit all 4 links and do all 4 downloads to patch the holes behind all the fuss!
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx
http://www.microsoft.com/technet/security/bulletin/MS04-012.mspx
http://www.microsoft.com/technet/security/bulletin/MS04-013.mspx
http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx
2. If you want to download and install all important updates available for your machine, including the patches that go with this security alert, go to
http://windowsupdate.microsoft.com and click on "Scan for updates". Download whatever you are offered; the patches for this problem are included.
BEWARE OF ANY EMAIL OFFERING YOU UPDATES. GET THEM ONLY FROM THESE LINKS!
Should you set computer to update itself?
We used to recommend that people turn off automatic updating, because from time to time, Microsoft issues updates that themselves cause problems. So we favored waiting for service packs. However, the pace with which security holes in Microsoft products are being discovered and exploited has quickened considerably. We now recommend that home users simply turn on their automatic updating, to ensure that you always get critical security updates. (We continue to recommend that servers NOT be updated automatically.) If you prefer not to use this automatic setting, then you must be vigilant in checking for updates; install all critical security updates made available.
How to turn on automatic updating
In Windows XP with service pack 1: Go to Start | Control Panel | System, and click the "Automatic Updates" tab. Check the box at the top that starts with the phrase "Keep my computer up to date ..." This will enable a series options under the "settings" portion of the window. Use these setting to control precisely when and how updates are applied. There are links in this dialog window that you can follow to learn about automatic updating in general, and about the settings in particular. (If you don't have SP1, you should get it!)
In Windows 2000, go to Start | Control Panel | Automatic updates. Check the box that says, "Automatically download the updates and install them on the schedule I specify." Then schedule the automatic updates by selecting the day and time you want.
Copyright 2003-2005 by Shulman Clark Associates, LLC. All rights reserved.
|
