Configuring Automatic Updating
A
critical aspect of maintaining security is to keep operating systems up
to date. Over time, security or reliability problems might be found,
and updates are necessary to avoid any potential problems. For example, a
security vulnerability might be found in a component of Windows Vista.
Malicious users who are aware of this can target systems that haven’t
been updated, and such users might be able to make modifications to the
system or access sensitive data.
To reduce these
risks, Windows Vista includes an automatic update feature that can be
used to download new updates to the operating system. Windows Update
works by periodically contacting servers at Microsoft over the Internet
to obtain a list of available updates. It then compares the current
state of the computer (including which updates have already been
installed and which features are enabled) and determines whether updates
are required. If they are required, Windows Update can optionally
download and install them.
Windows Security Center provides an overview of the current settings for related to automating updates. Figure 7-8 provides an example.
The recommended
configuration setting for automatic updates is for new updates to be
installed automatically. When this setting is chosen, the Automatic
Updating item appears green in Windows Security Center.
Changing Windows Update Settings
In
addition to the recommended configuration of automatically downloading
and installing updates, users have several other options. You can change
the settings for Windows Update by first clicking Security in Control
Panel, clicking Windows Update, and then clicking Change Settings (see Figure 9).
The options include the following:
Install Updates Automatically (Recommended)
This option specifies that Windows Vista automatically attempts to
download and install all updates based on the defined schedule. Options
include choosing a particular day and time to run every week or choosing
Every Day. As mentioned earlier, when you select this option, the
Windows Security Center Automatic Updating section appears green.
Download Updates But Let Me Choose Whether To Install Them
This option specifies that Windows Vista should automatically download
updates but that it does not install these updates until a user chooses
to do so. The benefit of this method is that it minimizes the potential
performance impact to the system while updates are being installed. The
problem, however, is that the user might forget to install the updates,
thereby leaving the system without the updates for significant periods.
For this reason, Windows Security Center shows the Automatic Updating
item as yellow when this option is selected.
Check For Updates But Let Me Choose Whether To Download And Install Them
This option instructs Windows Vista to contact the Windows Update
servers periodically for information about new updates, but it does not
automatically download or install them. When this option is selected, Windows Security Center shows a yellow warning for Automatic Updating.
Never Check For Updates (Not Recommended)
This setting effectively disables Windows Update and prevents Windows
Vista from checking for, downloading, and installing any new updates
that might be available. This option is particularly risky because users
of the computer will be unaware of potential security problems. For
this reason, Windows Security Center displays the Automatic Updating
item in red when this option is selected.
When supporting
customers’ computers running Windows Vista, the recommended option of
automatically downloading and installing updates is often the most
appropriate. In some cases, users might want more control over which
updates are installed and when. One possible reason for this is to limit
the performance impacts of installing the updates and then requiring a
system reboot. It is important to make users understand, however, that
keeping their systems updated by installing updates as soon as possible
is a critical component of overall system security.
Using Windows Security Center to Modify Update Settings
Whenever Windows
Security Center shows a yellow or red warning for the Automatic Updating
item, the details of the item includes a Change Settings button that
enables users and Consumer Support Technicians to change their settings
quickly and easily without having to open another dialog box manually. Figure 10 shows the options that are available.
The first option
automatically configures the Windows Update settings to the recommended
value to download and install updates automatically based on a schedule.
Clicking the second option opens the Windows Update Change Settings
dialog box, which enables the user to make
other selections. When changes are made and applied, the Windows
Security Center display is automatically refreshed to show the current
security status of the computer.
Anil Desai
In the early days of
desktop computers, the most common configuration (especially in a home
environment) was to have computers run in a stand-alone configuration.
Often, the only way to get data between systems was by using removable
media such as floppy disks (a process that is humorously referred to as
“sneakernet”). Over time, the benefits of connecting computers together
using a network became indispensible. Today, it’s not uncommon for homes
and small businesses to have multiple computers, and they need to be
able to communicate with each other. The rise in popularity of the
Internet brought another leap in connectivity. Now, just about every
computer in the world has the potential to connect with any other.
The downside of
networking is that computers are now vulnerable to a wide array of
potentially malicious software infections and attacks. As a Consumer
Support Technician, your customers rely on you to provide them with
protection against these potential problems. Although you have many
technical features and applications to help you take care of the job,
it’s important also to educate users about potential security issues.
Computer users who are new
to the Internet often trust everything they read. Offers to install
software that will magically improve system performance and or reveal
get-rich-quick schemes are very common on the Internet. It can be
helpful to instill a healthy dose of skepticism in newer users. They
should always consider the source of the information they’re receiving,
and they should practice “defensive computing” wherever possible.
A common method of
obtaining sensitive information is through the use of phishing or social
engineering. These methods trick users into providing details such as
name, address, national ID numbers, credit card information, and
passwords. They can also be surprisingly effective, especially with
trusting users. Often, a basic understanding of common schemes is enough
to prevent such schemes from being effective.
Another security
issue is related to the perception of computing risks. When supporting
end users, I have often talked to customers who are almost afraid of
using their computers because of these risks. They tend to hear about
data loss, identity theft, and other issues in the popular media. Often,
the reports are overly sensationalized in popular media. There are
certainly risks with performing any type of action such as connecting to
the Internet, but it can be helpful to reassure customers that, with a
little diligence, systems and information can remain well protected.
Overall, there are numerous potential security risks, but most can be
addressed with a little knowledge and care.
