Once you patch your PC, sign up for Microsoft's security e-mail bulletin, www.microsoft.com/technet/security/bulletin/notify.mspx, which goes out to subscribers shortly after patches are released. You also can receive Microsoft's free bimonthly security newsletter for home users at www.microsoft.com/athome/security/secnews/default.mspx.
Many patches require you to restart your computer. If you receive a prompt to restart, don't delay; in most cases the patch won't take effect otherwise. And remember, security software needs updating from time to time. Many anti-virus and firewall vendors configure products to take care of this task, but some PC security programs prompt you to visit their Web sites and upgrade to newer versions to remedy new security flaws.
_____Live Discussion_____
•
Monday, 2 p.m. ET: Fast Forward columnist Rob Pegoraro will be online to discuss cybersecurity.
|
| |
_____How to Be Safe Online_____
•
'SP2' a Must For XP Users (The Washington Post, Aug 15, 2004)
•
Skepticism Is the Message for E-Mail (The Washington Post, Aug 15, 2004)
•
Computer Users Need a Good Backup Plan (The Washington Post, Aug 15, 2004)
•
When to Leave What Closed (The Washington Post, Aug 15, 2004)
•
Geek Speak (The Washington Post, Aug 15, 2004)
|
| |
|
Again, don't delay. Here's an example that shows what can happen when you do: Last March, the "Witty" worm attacked computers running Internet Security Systems' BlackIce personal firewall less than 24 hours after the company warned its customers to apply a patch to prevent the attack. Witty wiggled into computers through a hole in the firewall software, damaging or ruining the computer hard drives of more than 10,000 BlackIce customers who didn't take the time to apply the patch.
One final note on patching: Hackers often disguise malicious programs as patches in e-mail messages that claim to come from Microsoft or another software maker. As a rule, never download patches or other security enhancements via e-mail. Instead, type the vendor's Internet address in your Web browser, visit the site and look for recent updates.
Anti-Virus Antidote
Anti-virus software isolates and kills viruses and worms on your PC. Most anti-virus tools on the market today also do a decent job of scanning incoming and outgoing e-mail, one of the most common vehicles for malicious programs. Many computers come with anti-virus software installed but require users to pay for subscriptions to receive updates after several months. Many reputable companies also offer free 30- to 90-day trials of their products, including Symantec Corp.'s Norton anti-virus software (www.symantec.com/purchase/), McAfee (www.mcafee.com/us/) and Sophos (www.sophos.com).
There are also some free alternatives. Last year, Computer Associates partnered with Microsoft to offer a free package of firewall software and anti-virus tools (including a year's worth of updates). The promotion was supposed to end in June, but the package is still available at www.my-etrust.com/microsoft.
Another free option is AVG Anti-virus from Grisoft Inc. at free.grisoft.com/freeweb.php/doc/2/. AVG does a decent job locating -- but not deleting -- many viruses. Also, it doesn't hog nearly as much computer memory as some of the retail anti-virus products on sale today.
A few tips on using anti-virus software: If the option is available, make sure that it is set to allow the program to search for bugs in Windows' "hidden folders." Windows hides important system files and directories that contain the files hackers usually try to disable or corrupt. Also, make sure your anti-virus program is set to download updates automatically if that option is available.
Spyware Everywhere
Few computer pests are more insidious and aggravating than "adware" and "spyware," programs that invade your computer without permission and sometimes report back to marketing companies or the hackers who created them with information about your Internet activity. Even if they don't "spy," they can slow your PC's processing speed and Internet connection.
Fortunately, two of the best tools for squashing spyware are free. Lavasoft's Ad-Aware (www.lavasoft.de) will scour your entire computer for hundreds of kinds of spyware and adware and delete any it finds. The free version comes with unlimited updates (just make sure to select "check for updates" in Ad-Aware each time before you scan). Depending on how often you surf the Web, it's a good idea to program Ad-Aware to scan regularly. Ad-Aware Plus is a $20 add-on that prompts you every time an application tries to change which programs should be allowed to run when the computer starts up.
Another excellent option is "SpyBot Search & Destroy," available for free at www.safer-networking.org/en/index.html. Ad-Aware and SpyBot Search & Destroy target different types of spyware, and each will turn up junk programs that the other missed. Again, the best defense is constant vigilance and layers of protection.
Pop-up advertisements are a popular way to plant spyware, so using a pop-up blocker may help secure your PC. Google's Toolbar (toolbar.google.com/) works well, as does "Pop-up Stopper" from Panicware at www.panicware.com/product_psfree.html. If neither of these options appeals to you, there are dozens of other free pop-up blockers available online. Mozilla's Firefox Web browser also blocks pop-ups by default and protects against an increasing number of attacks aimed at flaws in Microsoft's Internet Explorer browser.
