Windows Security Updates

Over the past several years, many knowledgeable programmers and security experts have warned the public about serious security flaws in Microsoft's Windows® operating system (OS) software. Microsoft issues "patches" as  they become public knowledge, usually when a virus has been detected that exploits the flaw.  These flaws are mostly related to Internet Explorer, Outlook & Outlook Express, and core OS files.  Some of these are corrected in Windows XP® Service Pack 2 (SP2), and Windows XP SP3 (planned for 1QT 2008).  For more information, follow this link: Microsoft's published security bulletins. As such, it is very important to implement "critical"  Windows Updates as them become available from Microsoft. However, before installing any updates, remember to backup all important information!  Only you can be responsible for insuring the safety of your data and software.  To scan your system for missing Microsoft patches, download and install the Microsoft Baseline Security Analyzer, or run Windows Updates.

Here are some points to consider:

Please be aware that if you install Windows XP® Service Pack 2 (SP2), that some instances of the installation have been know to fail, resulting in loss of data on the hard drive.  DO NOT take installing any service pack lightly.  Make sure that you have backup(s) of all important data.  Also, if you have installed Windows XP with a published (pirated) Key Code, SP2 will not install. This was done intentionally by Microsoft to thwart piracy.  If you have an illegal copy of Windows XP, please do not ask us to circumvent Microsoft's anti-piracy policy.  We reserve the right to refuse to work any system with illegally installed copy-protected content.

If you have dial-up internet service or broadband service without a NAT router, you must use a firewall to prevent internet intrusion.   Windows XP has a built-in firewall.  Click this link to see Microsoft Knowledge Base article 283673 on how to enable this feature.  Unlike the initial release and SP1, Windows XP SP2 activates this firewall by default. Remember that when a firewall is enabled  on your computer, file and printer sharing may no longer be available from your computer.  Many anti-virus software products also include a basic firewall, such as Trend Micro's Internet Security.

Install an effective anti-virus program and make sure it is updated every day.  If you have dial-up service, do not check your e-mail before updating.  If you do, you take the very real risk of infecting your system since the anti-virus program will not get the updates in time.  You should take this approach on any computer that is turned off for more than 3 hours, no matter if you have broadband or dial-up service.  Computers that use broadband and are always on, will usually get updates every 3 hours (Trend Micro's Internet Security default setting).  Your anti-virus program may be set differently, so it important to check these settings.   If in doubt, do an update before checking your e-mail.

   The selection of your brand of anti-virus program is your sole responsibility!  The use of any anti-virus solution does not guarantee against infection or possible data loss.  Whatever product you use, remember to read the license agreement carefully, as well as compatibility with your OS (for example, Trend Micro's Internet Security™ will not run under Windows 95™).  it may also help to read reviews in popular on-line magazines such as ZDnet. To see a list of Anti-virus providers, click here.

Perform a daily backup of all critical data and applications. Enough said.

Now that Microsoft is determined to provide security patches on a regular basis, other brands of software are now being target by criminals for security flaws.  These are as important to install as the Microsoft Windows updates.  However, because Windows does not include an easy way to search for updates for non-Microsoft software, you may need to install a 3rd party application that will help you detect and install updates as they become available.  Blink Professional from eEye Digital Security® is an example of an application that "detects missing patches".  For business networks check-out GFi's LANguard.

What is "Spoofing"?

In general computer terms, spoofing is a way for a program or associated web content to hide it's original point of origin; in other words to disguise where or from whom the content really came from.  E-mail spoofing,  
IP spoofing,  and web site spoofing are examples.

E-Mail spoofing is most commonly seen with spam mail.  Because the protocol for sending e-mail (SMTP) was not originally intended to be highly secure, spammers have found a way to forge the incoming e-mail headers to appear to originate from another source.  In this way, they are attempting to hide their real source to prevent detection and blocking.  For example, you may receive spam that appears to come from a non-spamming source, even from people that you may know.  Spammers hope that this will enable them to "slip past" detection systems, and provide a higher chance that you will actually view the e-mail.  If you receive spam mail that looks like it came from a legitimate source, there is a good chance that e-mail spoofing has occurred - so don't be quick to blame what you believe is the originator.  Some people may also receive a "bounce-back" e-mail from an anti-spammer bot or server claiming that they have attempted to send an e-mail that contains a virus, or simply violates generally accepted anti-spamming rules.  In this case, someone else is using your e-mail address to spoof the header and pretend that you are the original sender.  A policy server on the internet (an internet bot) has detected the e-mail and "sends-back" a message to what it believes was the original sender.  Unfortunately some bots are not smart enough to detect the forged header, so you receive the warning instead.  This is possible indication that someone you know may be infected with a virus, or it may simply indicate that your e-mail address is now part of the spammers list of well know e-mail addresses.  Either way, your best bet is to simply delete all spam immediately and ignore the bounce-back messages.  Installing a good anti-spam software program can help.  Although not perfect they can help reduce spam.

Web Site spoofing is commonly seen with criminal activity that attempts to lure people to forged web sites for the purpose of stealing personal information such as credit card numbers and social security numbers.  Phishing and web site spoofing are often used together.  A spoofed web site address will take you to a false web site that looks like the real site that you intended to visit.  You can protect yourself by making sure you have the latest web browser updates and by never clicking on links that take you to a web site that asks for personal or financial information.  If you need to use a web site for these kinds of transactions (on-line banking or credit card purchases), simply type the address in your browser's address bar every time.  This may seem overly cautious, but external links that take you to web sites that give access to confidential information or are intended as on-line shopping sites, may expose you to spoofed web sites.  For more information, read Microsoft's article, "How to recognize spoofed web sites".