There are general security tips that apply to all operating systems, of course, but each operating system platform provides its own security challenges. The following tips are tailored to Microsoft Windows XP.
1. Disable dangerous features. Microsoft Windows systems come with a number of features enabled by default that do little or nothing for convenience, but introduce significant security risks. Among these are Autorun, the Guest account, and even Automatic Updates ? because letting someone in Redmond, WA decide when changes should be made to your system, when he has no idea what software you?re running and you haven?t tested the updates yet, is a bad idea. Microsoft Windows provides many features that are activated by default and either poorly conceived from a security perspective or, at best, unnecessary for the vast majority of users. Each of these features introduces its own risks, and any that you do not need should be deactivated.
2. Disable unneeded services. In addition to local operating system features, you should disable unneeded services. Almost exactly one year ago, my article 10 services to turn off in MS Windows XP provided a brief checklist of services to turn off ? or to ensure you know why you?re leaving them on, at least. The list is not comprehensive, of course, but it is a good start.
3. Employ good email security practices. Make use of some basic email security tips to ensure you do not invite the bad guys to read your email, flood you with spam, and take advantage of you through phishing techniques.
I take exception to your statement about Automatic updates.
I agree, and I assume some of this is a copy+paste job from some "tweak info site." Much of the bulls**t propaganda surrounding Automatic Updates was at the beginning of XP when people distrusted Microsoft over their change of activation and having a service making an Internet connection daily - get over it already. If people would just leave that service running it would solve so many issues.
It gets even worse when some service techs have possession of a machine and think it's a "wise decision to disable it on clients computers."
...but it's your Windows installation and if you don't mind some malware slipping into an unpatched system....
At a minimum "Notify me but don't automatically download or install them." should be selected.
I view your signature bordering on spam!
--------------------
Gaming Computers
I agree, not recommended to turn off automatic updates. I always leave mine set to download and then I install after taking a look, mostly because I like to see what they came out with, not because i am worried that they will install something bad. If you have a legit op system and programs, you have nothing to worry about.
It gets even worse when some service techs have possession of a machine and think it's a "wise decision to disable it on clients computers."
...but it's your Windows installation and if you don't mind some malware slipping into an unpatched system....
I agree with part of this Andavari. I think it's a great idea to keep your system patched, however, what about those updates that have negative affects on your computer... Like the ones that have affected security programs like EPS and ZoneAlarm. Anyone ever had problems with the KB956803 or KB951748 patches? It basically kills the internet connection computers with either of these 2 software firewalls. If someone had automatically download/install updates on, they would never know that the updates caused the problem if they were an average user. Is this Microsoft's fault for not testing their updates, especially with a major firewall program like ZA? Sure... But we as users need to be aware of this and not jump on the train as soon as they are released in my opinion.
True, however Microsoft does automatically have a System Restore point made when installing updates to undo any possible issues. It's also up to the end-user to at least look at the updates that will be installed, however we are talking about Windows and bugs do exist and will remain existing.
True, installing updates does create a system restore point... Just thinking to myself how many average users know that fact or know what a system restore point is? I do agree with you though, it should be on the user to know what is being installed. However in a situation like that with Microsoft updates... You think something is helping your computer become more secure, but it is really bumping heads with your security software.
Great post... I was reading the one about the Malware Removal Universities as well. I am actually a freshman (as of 1/29/2009) at Malware Removal University and if you'll let me, I'd like to help here eventually when and if I become proficient at malware removal. I guess only time will tell.
Great post... I was reading the one about the Malware Removal Universities as well. I am actually a freshman (as of 1/29/2009) at Malware Removal University and if you'll let me, I'd like to help here eventually when and if I become proficient at malware removal. I guess only time will tell.
Thanks hazelnut... I hope it goes smoothly and as quickly as possible so I can help people the right way. Malware just keeps getting worse. I really like this forum so it would be nice to help out here eventually in that regard. Small, tight knit community with great software products!
I disabled Windows Update. I check neowin everyday and they always remind me about the updates. I prefer it like that because if you get notifications, you tell the notification that you'll download them later and then it keeps coming up over and over again.
you tell the notification that you'll download them later and then it keeps coming up over and over again.
It is easy to click on it to tell you later I believe.
Maybe a Poll would be handy as to favorite Windows Update information sites and method?
I have never visited the netwin forum as it is rated Yellow by McAfee SiteAdvisor but general comments rate the forum OK but any site that harbors Messenger Plus! 3 & Sponsor (MsgPlusLive-470.exe) deserves a RED rating in my books as that adware is just nasty:
don't believe everything you read. the sky isn't falling just because siteadvisor says so....
SiteAdvisor isn't always 100% correct either, like labeling a whole download site that hosts all sorts of downloads from GPL, freeware, adware, etc., that are usually clearly labeled as such on the sites.