Article: Do You Have All Critical Security Patches Installed?
My PC Hell Forum
January 09, 2009, 07:51:30 PM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Moving to New Location Soon! Watch out for notification. 14th Dec 2007.
 
   Home   Help Search Calendar Login Register  
Pages: [1]
« previous next »
  Print  
Author Topic: Article: Do You Have All Critical Security Patches Installed?  (Read 696 times)
windowsxp550
Administrator
******
Posts: 932



View Profile WWW
« on: August 08, 2006, 01:56:58 AM »
Article: Do You Have All Critical Security Patches Installed?
[blockquote][blockquote][blockquote][blockquote]Do You Have All 'Critical Security Patches' Installed?...
 Don't Rely On Windows Update
 
 
 
 
"A security issue has been identified that could allow an attacker to remotely compromise your Windows-based system and gain control over it"

Does this sound familiar?

Unless you have been living under a rock for the past several years, it should sound familiar.  This is the standard message that Microsoft uses whenever they release another Critical Security Patch for a new Security Vulnerability that is discovered.  On average there are typically 3 to 4 new vulnerabilities discovered each month and for each one there is a new "critical patch" that Microsoft issues and distributes via Windows Update. 

So how in the world do we keep up with all the vulnerabilities and patches..?  Well Microsoft has made it easy for us - Windows Update.   In addition to Windows Update, they created a tool, called Automatic Updates that is built in to Windows XP.    For most people, Automatic Updates is always enabled, so whenever a new patch is released, their computer is set to automatically get the patch and install it.  Set it and forget it....  Then there are others who keep Automatic Updates off and then periodically check the Windows Update Site manually for updates - I fall into this category.  So your probably saying, Yeah, Yeah, Yeah....I know this already. 

In either case, be it if you keep Automatic Updates on or if you have it off and manually go to Windows Update, you are doing something that you probably don't even realize you are doing and that is, You are 100% relying on Windows Update. 

How do you know, for sure, that when it scans your computer, that it is effectively finding everything you really need?  What if spyware, was altering or preventing Windows Update from working properly.  How would you ever know?? 

Up until about 2 weeks ago, I, like most XP users, was relying on Windows Update without question.  Think about it, to rely 100% on Windows Update, is saying Windows Update is a flawless program capable of resolving any computer configuration and is able to determine 100% of the needed updates.    This, as we all know, is not the case.  I don't think you will find a single software programmer who will claim that their software program is "Flawless" - because in reality, there is no such thing as a "Flawless" program.

So after thinking about this, I decided to put WIndows Update to the test.  The test I did was actually quite simple.  I first went to Windows Update (since I don't have Automatic Updates Installed) and I installed anything that appeared under "High Priority Updates" (the security patches are almost always listed as high priority).

Then I went to Windows and went to the Download Section and sorted the list by date (so that the newest updates were listed at the top) manually looked through all the updates that have been released since the beginning of this year.   I only looked for the Security Patch High Priority Updates and I compared them to the Updates I had on my computer (which is found in Add/Remove Programs).  

The result was, since January 1st, 2005, 
I was Missing an astonishing 11 Updates!!!!
Honestly, I would have been a little upset if it had missed one or two updates because after all, like the majority of Windows XP users, I am pretty much 100% relying on Windows Update to find what I need.   11 missing updates!  That is a huge problem.

After this discovery, I decided that to be sure that I was getting the proper security updates, that while I would still go to Windows Update however, I would also occasionally manually go through the downloads via Microsoft's Website.   I've outlined how to manually check your updates below...

First Go To Microsoft's Download Site, http://www.microsoft.com/downloads/search.aspx?displaylang=en

In the KEYWORDS Box, type "Security" (or leave it blank if you want all the updates and not just the security patches)

Then Change the Product/Technology to "WINDOWS XP".  and click Search. 



Then on the right hand side change the sorting style to "Date" then click "Go".



Now Compare the Updates With the Updates on your Computer.  The Updates on your computer can be found in your "Add/Remove Programs" (Click Start then Control Panel , then Add/Remove Programs).  Make sure to check Mark "Show Updates". 



Go through and compare, you might be surprised, like I was....

[/blockquote][/blockquote][/blockquote][/blockquote] 
This guide was written by Jason LeDuc.   Copyright ©  2005-2006.  All rights reserved.
Logged
TAGGING!!!  New Feature Added to FixMyXP!

Click HERE to Read all about it
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC Valid XHTML 1.0! Valid CSS!