Windows 7 Security -Softpedia's Guide to Free Security – Part I

Discussion in 'Windows Security' started by whoosh, Dec 21, 2009.

  1. whoosh

    whoosh Cooler King
    Staff Member Premium Supporter

    Apr 15, 2009
    Likes Received:

    The Internet is certainly one of the greatest inventions in the history of mankind. It helped open the road to unprecedented levels of innovation and communication between people. But, life on the Internet is by no means perfect.

    Numerous gangs of cyber-criminals lurk in the Internet's underground and plot their attacks against unsuspecting people. Because of this, Internet users have a very real and pressing need to protect their assets, be them online (accounts of all sorts) or offline (their computer and personal information).
    It would be reasonable to conclude that computer security should be a critical aspect for at least a fifth of the world's population, who use the Internet on a regular basis. However, real-life studies have constantly revealed that a high percentage of users fail to employ even the most basic security precautions online.

    In turn, this ends up affecting everyone. A compromised computer or account is subsequently used to attack other users, thus directly contributing to a decline in the quality of the Internet ecosystem.

    There are complex reasons why people fail to properly protect themselves. These range from lack of computer knowledge and experience to social and economic background, indifference or plain misinformation. Clearly, some of these aspects are hard to address, but the later in particular is the source of many computer security-related myths.

    For example, a lot of people still think that computer security costs big bucks. It's true that many users are willing to pay for advanced solutions or extended support and there is nothing wrong with that. After all, without money, companies would not be able to develop better security models or implement them. But, the sad reality is that a huge number of computer owners, especially those living in developing countries, simply can't afford such investments.

    Others seem to think that users running on pirated copies of Windows installed are getting infected because they don't have access to the same level of protection as the people who paid for a license. By no means do we encourage or endorse piracy, but we don't think this is true. While Microsoft doesn't go out of its way to make this clear, we honestly believe that it is not its intention to keep the software pirates vulnerable to attacks.

    Unfortunately, there are a lot of users running on non-genuine Windows copies out there, and for the sake of the rest of us, they should learn how to protect themselves. This series of articles wants to challenge the belief that security is inherently expensive and to demonstrate that everyone can achieve a reasonable level of protection online for free. It doesn't aim at being a complete security guide for the computer literate and will only contain the most basic advice that we can give to our readers.

    In this respect, some of the articles will name and describe easy-to-use free security solutions from different vendors. However, we are sure that there are plenty of alternatives out there and people are encouraged to discover them on their own. It is also worth noting that even though the principles described in this article hold true for most operating systems, they are particularly meant for Microsoft Windows users.

    Part I - Update, update, update!

    The three "updates" in the title of this part stand for: update your operating system, update your software and update your antivirus program. Updating is a critical aspect of staying safe online. Some of you might find updating inconvenient, but even if it is not as easy as click and go, it is an effort well worth undertaking and it will make a huge difference to your security.

    If you use one of the still supported versions of Microsoft Windows (XP, Vista and 7, without counting the server flavors), make sure that you have the latest Service Pack (SP) for your operating system installed. This is important, as security updates are offered to you based on the SP deployed on your system.

    In the Windows world, a Service Pack is a stand-alone package which contains all security updates, hotfixes and other enhancements released over a longer period of time for a particular version of the OS. There are several methods of obtaining the latest service pack.

    The recommended way is by using the Windows Update website, who's shortcut is located under the Windows Start menu, or the system's Automatic Updates feature, accessible from the Control Panel. The other method involves obtaining the stand-alone installation package (for Windows XP / for Windows Vista) and installing it manually.

    You should note that high priority updates, which include security patches for all Windows components are available for both owners of genuine Windows licenses, as well as for those who choose to illegally run pirated copies of the operating system. The difference is that people who fall in the latter category can only get them through Automatic Update.

    By default, the Automatic Update feature is set to download and install all updates automatically, but this can be changed in order to offer more control over the process to the user. For example, one can choose to only be notified of available updates. They can then manually select only the ones they want.

    Through this method, certain updates like the Windows Genuine Advantage Validation Notification tool, which is distributed as a critical update, can be hidden and never offered for download again. This is not a hack. This is how Microsoft intended it to be. The user will continue to receive the rest of the high priority updates normally.

    Updating third-party software on your computer is another critical aspect, as many of the attacks today attempt to exploit vulnerabilities in popular applications. Programs such as Adobe Flash Player, Adobe Reader, Adobe Acrobat, Sun's Java Runtime or Mozilla Firefox, are installed on a huge number of computers, which makes them attractive targets for attackers.

    So, does this mean that you have to manually check various websites for updates on a daily basis? Fortunately, no. There are special programs or services that can do this for you both automatically and for free.

    One such tool is the Secunia Personal Software Inspector (PSI). Secunia is a reputed vulnerability management company, which maintains an extensive database of security issues that affect different versions of over 12,400 software products, spanning multiple operating systems. The Personal Software Inspector can scan a computer and detect what software installed on it is outdated. If any is found, the program offers direct download links for the available updates, which are rated according to their security impact.

    An alternative is using an online service such as the one Softpedia offers. Our software editors work very hard to keep the tens of thousands of programs listed on our website up to date. You can register for free and subscribe to receive e-mail notifications about updates for your favorite software.

    Keeping your antivirus software updated is always a must. The antivirus is your last line of defense. If everything else fails, this application should prevent malware from being executed on your system. AV software requires updates for malware definition files, as well as for its own components.

    On average, antivirus vendors release malware definition updates a few times a day. Without these updates, an AV application's ability to properly detect the latest threats is significantly affected. Most of the products allow modifying the update checking frequency, therefore make sure to set this interval the lowest possible value.

    Free antivirus solutions and their particularities will be covered in the next part of this series. Stay tuned.

Share This Page