Spyware, Viruses, & Security

General discussion

When is it safe to click on "install updates" pop-ups?

by Lee Koo (ADMIN) CNET staff/forum admin / October 15, 2010 5:53 AM PDT
Question:

When is it safe to click on "install updates" pop-ups?


One question I have not seen addressed here regarding computer security
that I hope you will consider is: How safe is it to click on "install
updates" when pop-ups appear from Microsoft, Adobe, Java, and the many
other software providers who know you have their product? What
prevents hackers from using look-alike pop-ups to infect with malware?
What if I'm not sure; how can I check? Thanks.

--Submitted by: John M.

Here are some featured member answers to get you started, but
please read all the advice and suggestions that our
members have contributed to this question.

When is it Safe??? Excellent Question --Submitted by: charleswsheets
http://forums.cnet.com/7726-6132_102-5009281.html

Good Question. --Submitted by: webserf
http://forums.cnet.com/7726-6132_102-5009287.html

WHEN IS SAFE TO ACCEPT UPDATE POP-UPS NOTIFICATIONS --Submitted by: GEO2003
http://forums.cnet.com/7726-6132_102-5009401.html

Be careful --Submitted by: davefrombc
http://forums.cnet.com/7726-6132_102-5009320.html

NEVER --Submitted by: ruggb
http://forums.cnet.com/7726-6132_102-5009622.html

Thank you to all who contributed!

If you have any additional advice, tips, or recommendations for John, please click on the reply link below and submit away. Please be as detailed as possible when submitting your answer. Thanks!
Post a reply
Discussion is locked
You are posting a reply to: When is it safe to click on "install updates" pop-ups?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: When is it safe to click on "install updates" pop-ups?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
wow
by joedi1 / October 15, 2010 10:10 AM PDT

I just want to say you may hover over the update and read what it is about before you install it.

Collapse -
UAC
by wanderatlarge / October 15, 2010 10:13 AM PDT

I have a UAC (User Account Control ) feature turned on. Each time a program (outside of Windows domain ) is executed, the UAC will pop a window with the following:
"Do you want to allow the following program to make a change to the computer
Program Name: xxxxx
Verified Publisher: xxxxxx
File Origin: xxxxxx"

This will give enough information to make sure that the program is genuine. There is a
Show Detail feature as well.
This might be a bit annoying at times, but gives you an opportunity to stop any program you do not trust.

Also, a good practice not to allow any unsolicited upgrade. Instead, go to the website ( Microsoft, Adobe, Java, etc ) and download the update yourself.
JR

Collapse -
When is it Safe??? Excellent Question
by charleswsheets / October 15, 2010 10:16 AM PDT

Hi John,

Your question is one which has to be answered by millions of computer users every single day. I think the answer is sort of simple, but not always easy.

First let's examine the different kinds of updates you may be notified about, and then we can address some of the do-s and don-ts regarding pop-ups.

1. If you use Microsoft Windows and you have automatic updates turned on, the only notification you should ever see is the Yellow Shield in your System Tray (The Lower Right Portion of Your Taskbar). Although the Updates are called "Automatic", they will only install if a) You click on Update Icon and instruct Windows to proceed with the update/s in question; or 2) You properly shut-down your computer after updates are downloaded (but not yet installed) on your computer. When this occurs, you will be notified when you shut down the computer that Windows is installing updates and will shut down when it's finished.

2. Anti-Virus/Anti-Malware Updates. THESE CAN BE VERY DANGEROUS!!! If you receive a notification that the Anti-Virus or Anti-Malware Program installed on your computer has an update to be installed, I generally recommend you take the following steps:

a. Write down the name of the Program that says it needs or has an update.
b. Properly Shut down your computer.
c. Restart your computer and open the program that said it needed to be updated.
d. Update the program from within the program being updated. For example, if the message said you needed to update AVG, open the AVG user console and check for updates there. This will avoid the possibility that the notification you received may have been a fake.

e. The reason you need to shut down your computer is this. In most instances, viruses, spyware, malware, etc. are activated or installed by clicking on them. The simplest way to avoid the problem is by shutting down your computer. DON'T CLICK ON ANY AREA OF THE NOTIFICATION!!!

3. Almost every program installed on your computer has a capability to either Automatically Update (you don't see it happening), or to update the program from within the program itself. Adobe Reader can be updated from the Help Pull Down Menu. With Adobe Flash or Java - if you are notified they need to be updated, just log on to the website (Adobe.com or Java.com) and download the latest version of Flash or Java. It only takes a couple of minutes and is much safer than following a possibly harmful pop-up.

4. Email. Never ever, ever follow a link from an email you've received to update a product. If there is an update available, you should be able to find it by using the programs internal update feature. If you can't find it, try the program's web site. You'd be surprised how many fake update notifications people receive through email. If you're looking at new products and you trust the site (always check the URL address), that's okay. If you're uncertain, Delete the email. If there truly is a problem, you'll find out soon enough. In most cases, they're just trying to sell you something new.

I hope this at least addresses the core of your question. Pop-ups are dangerous and unreliable for the very concerns you raised in your question. Most specifically they can be faked. So the short answer I give my customers is - Leave them Alone!!! Shut down. Start over. Use the Update features provided in your programs. You should also set the specific settings for how and when programs check for updates when that feature is available.

Best of Luck

Collapse -
great answer, very clear
by Carol T / October 22, 2010 12:23 PM PDT

Thank you thank you. Even someone not literate with the lingo can follow this advice. I had the experience of clicking on one of those antivirus fakes and it caused devatating distress to my whole system! Thank you for spelling out how to do updates in a clear and easy way!

Collapse -
When is it safe
by Packer21 / October 22, 2010 2:01 PM PDT

Thanks for the tip and the 64 dollar question when I went to click off on a pop up it was a defying expierence, it wouldn't let me until I hit task manager to end it. Thanks again for the tip.

Collapse -
When is it safe to click on "install updates" pop-ups
by lucianogmail / October 23, 2010 3:16 AM PDT

Charles' answer is accurate and provides most of the information needed.
However, being a lazy so and so, I often found this task time consuming, boring etc. etc. So I was happy to discover the services of "FileHippo.com".
I downloaded a small piece of free software and pronto! every time an application has an update availaible on the provider's website I am asked wheter I wish to download and install it.
Filehippo is run by CCleaner a company far better equipped to deal with fakers than I am and I dont' need to check if I am running an application out of date.
Is it too easy to be safe?
Luciano

Collapse -
When is it safe?
by Genesis60 / October 23, 2010 3:44 AM PDT

Thank You

Collapse -
good advice
by pearse bell / October 23, 2010 4:23 AM PDT

thanks that is good advice I always update when asked now i will think twice pearse

Collapse -
Is a follow up question allowed?
by Carol T / October 23, 2010 2:51 PM PDT

My question is whether it's dafe to click on the microsoft pop up that tells me a virus was detected click here to fix. I have Microsoft Security Essentials as protection. I just turned the computer off the way you said, and turned it back on and the pop up did not reappear.

Collapse -
Look at it carefully...
by JCitizen / October 24, 2010 6:45 AM PDT

Can you identify exactly what a MSE popup looks like to the finest detail? If not, maybe it is safer to open the console and look there. You should be able to control that there I would think. I don't use MSE, but what little I've dealt with, is pretty basic.

If you can't remember, look on the Microsoft site for a screen shot, and you can verify pretty much for sure. I haven't had a popup yet, that was caused by malware. that was accurate; but they came uncomfortably close!! Shocked

Collapse -
When is it safe to install an update?
by janakieb / October 28, 2010 1:37 PM PDT

Thank you very much.
I found the answer extremely useful and informative too.

Janakie

Collapse -
My Other Posts
by High Desert Charlie / March 19, 2012 8:49 AM PDT

Hi All,

This is just a note to mention my new username has changed from charleswsheets to High Desert Charlie. You can view my post on other subjects under that username.

link is here - http://www.cnet.com/profile/High+Desert+Charlie/

Thanks
High Desert Charlie

Collapse -
Good Question.
by webserf / October 15, 2010 10:32 AM PDT

Great question..
Many times, my customers, have called me to remove "virus" protection software that itself, IS a virus or malware of some sort. I call it "extortion-ware". By the time you've clicked, "fix your computer now", you've done the damage..
But the question is , how do you know?

Most of the software that offers updates is in fact safe, but the key is, software that you've authorized, or is part of the OS, is safe to update. It is a safe bet that a Pop-Up that warns you about your files, being corrupted, and asks you to pay for or install the "full version" of a "cleaning" software, is probably malware. Do NOT click on that button!
Also, a common trick these hucksters use, is to offer a "yes" or "no" button, and pressing either one will do damage.
When you are not sure, do NOT click anything, but "x" out of the pop up, if you can.
As well, if you don't have critical data open, you could shut your computer down immediately. At the time of restart, run spyware, and virus scanning software, at this point hoping that it hasn't already infected your system.

Any time an "update" seems urgent, it probably will be dangerous to click to continue, Unless, you are fully aware of the software in question, hence your own virus software.

Collapse -
thanks
by Carol T / October 22, 2010 12:24 PM PDT
In reply to: Good Question.

This answer added a few nuances to the previous one. Thanks for spelling it out so clearly.

Collapse -
The "X" is not necisarily safe
by meseptiamus / October 22, 2010 10:25 PM PDT
In reply to: Good Question.

Anyone that writes code knows that what the "X" in the upper right of the window does can be altered so clicking the "X" can kick off the malicious code the same as a yes or no button. The best bet is to kill the process although at this point I would suggest it may be too late.

Collapse -
Good Question. by webserf
by dannydee1978 / October 23, 2010 12:57 AM PDT
In reply to: Good Question.

Clicking the red 'X' to close a pop-up is not advisable as many Malware producers are now using the Red 'X' to install the malicious software on your computer.

Collapse -
True, in many cases.
by webserf / October 23, 2010 8:53 AM PDT

It is important to note, that by the time such Pop-Ups have appeared, usually the damage has already been done.
I have found that the safest thing to do is shut down immediately, and then run malware scans at start-up. I wasn't clear in the first post and UNFORTUNATELY, revisions/edits can't be done, else I would have corrected my advice.

I should have been more specific when using the "x" remark.

The Original Question was specific to known software(s), that are already loaded, such as "flash" or "java" OS, etc..
"x"ing out of those is safe 99.99% of the time. They are rarely spoofed (to my knowledge)

I've personally never seen rogue software/malware spoof these software(s), as they (the crooks) are usually trying to extract money from the victim. To do that, they must convince the user that their computer is infected with a virus (such as the recent Rogue, Anti-Virus Pro 2010). New ones every year and they do make money for these crooks. The software "Cleans" the computer and 49 dollars later the unknowing user goes back to a computer that "works" again.

I suppose an argument could sadly be made in favor of paying the "ransom". I know a few who have. To have the likes Geek Squad come out, one could be out 1-2 or more hundred dollars, as opposed to the "ransom".

Fact is, for those computer users that are nervous about what to do, the costs will be there to get the problem solved, One way or another. Sadly, these rogue companies get some of that cash. And months, or a year later, that pop up comes back. I wonder how many folks have paid more than once for this "protection".

Collapse -
reply
by charityw6 / October 15, 2010 10:36 AM PDT

First answer is: It is best to close the pop-ups and manually install the updates. It never hurts to check if there are any updates available from time to time anyway, especially when you're being nagged by the pop-ups.

Next answer is: Nothing actually, just the user, and you have to be aware of what you are clicking. If you are not sure, then DO NOT CLICK IT!

Collapse -
I dunno...
by eovti / October 22, 2010 8:20 PM PDT
In reply to: What??

...he's speaking in tongues again!

Collapse -
Sorry, my post ended up in the wrong place!
by eovti / October 22, 2010 8:22 PM PDT
In reply to: I dunno...

*goes off to eat earthworms in a corner of the garden*

Collapse -
Probably not.
by MDFlax / October 22, 2010 8:25 PM PDT

It's not you.

I have just deleted that nonsense post because.... it was nonsense! Happy

It may be that you were replying to the 'reply' to that post as I was deleting, but my delete deleted that reply automatically.

Well, it makes sense to me anyway, Devil

Mark

Collapse -
I like charityw6 answer, I have had to go to
by Darrell / October 15, 2010 8:46 PM PDT
In reply to: reply
Collapse -
(NT) Also, I have SecuniaPSI and that is also an excellent idea.
by Darrell / October 15, 2010 8:51 PM PDT
Collapse -
Best idea
by Osiris43-Live / October 17, 2010 12:52 AM PDT
In reply to: reply

This is the best idea I've seen.

If you see an update pop up, go to the vendor site yourself and check for updates if you have any doubts at all.

Collapse -
Installing updates
by DH1 / October 15, 2010 10:38 AM PDT

I cannot improve on charleswsheets' reply. Excellent! I'll simply reiterate -- and summarize what I, perhaps overcautiously, do.

Whether it be a Windows update notification, an anti-virus one, or ones from Acrobat, Adobe, et al, I never, ever click the update link. I either open the program and check for updates or go to the program's website and download updates from there.

I suspect "my" way is not necessary -- but it gives me a double-layer of security that the update is legitimate.

Collapse -
Simple...
by William Sommerwerck / October 15, 2010 10:50 AM PDT

Ignore the popup, and close its window with the X (Close) button. Then go to the software publisher's site and see whether there's an official update for that product.

Collapse -
Be careful
by davefrombc-18911912691153712567838115300391 / October 15, 2010 11:27 AM PDT
In reply to: Simple...

Don't click the "X" to try to close the popup.. THere are malware tricks that use that to install their garbage as well as clicking anywhere else on the popup.. Either reboot ,as has been suggested before , or use the Control/Al5/Delete to open Task Manager and close the program the popup came from ( usually Internet Explorer ).. Open the program the update was supposedly for and check for updates within it ; or go directly to the program creators website. Most of the malware popups my friends have been caught on are phony anti-virus popup warnings; with any click on it or the red x actually installing the malware.
The safest way to deal with any suspicious "update" announcement is to close the progam it came up during , and go directly to the publishers site to chack for updates.

I agree charleswsheets reply is the one to follow, with ther additional warning not to try closing the popup with the red x as you would a normal porgram .

Collapse -
another way
by porsche10x / October 25, 2010 1:56 AM PDT
In reply to: Be careful

There is a safe, easier way, at least in most cases. Just right-mouse-click on the taskbar entry at the bottom of your screen. The flyout context menu will have "close" as a choice. Click on "close". Since the context menu is clearly generated by the operating system, you're safe from fake X's.

Collapse -
I've read this is dangerous too!..
by JCitizen / October 25, 2010 4:22 AM PDT
In reply to: another way

It seems Ctl>Alt>Del and then open the task manager is the safest way to shut down pop-ups. Never underestimate the ability of the malware to take over the GUI. This applies to XP,Vista,Win7,32bit/64bit and it doesn't matter if you are logged in as administrator or restricted user.

Google Carberp if you want to get scared witless!

Collapse -
closing out pop ups
by momskates / October 28, 2010 2:59 PM PDT
In reply to: Be careful

Didn't know that clicking on the red X would load a malware. Now that my computer is running slower than molasses & I can't even do a Google or Yahoo search, I must be heavily infested. I use Avast & SpyBot & can't get either to fix or remove anything. One keeps saying "error" in removing/fixing the problem . . the other says I'm not the administrator & it won't scan the files. What do I do now? I don't have anyone to help me through this. I can use the computer, but it takes forever to read or do anything. I may as well have dial-up! HELP! I need detailed step-by-step instructions. My computer is a Medion with Windows XP It's about 9 yrs. old. Not sure of model number.

Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

Tech Tip

Know how to save a wet phone?

It's not with a dryer and it's not with rice. CNET shows you the secret to saving your phone.