Three ways to improve Windows security

Part one of the "10-Step Security" refresh focuses on keeping Microsoft's Windows XP and Windows Vista operating systems patched and protected.

Three years ago, I attempted to condense PC security into 10 steps you could finish in about an hour. After a recent false-positive on a virus scan, I returned to that advice and realized that those tips are sorely out of date.

I'll re-examine the first three tips here and will cover the rest in posts later this week.

Step one: Set Windows to download and install updates automatically.

I don't do that anymore. Windows updates often cause problems, so I set Windows to download but not install updates. Then I wait a couple of days before actually applying the patches to see whether there are any reports of problems related to the fix. If all is quiet on the update front, I install the patches. I don't have to worry about forgetting because Windows will keep a little update icon in my system tray.

To change your Automatic Update settings in XP, click Start > Control Panel > Security Settings (in Category view) > Automatic Updates. Select "Download updates for me, but let me decide when to install them" and click OK. You'll find more about XP's automatic-update settings on Microsoft's Help site.

To access Vista's update controls, press the Windows key, type windows update, and press Enter. Click "Change settings" in the left pane, choose "Download updates but let me choose whether to install them," and click OK.

Windows Update Change Settings dialog box
Set Vista to download updates but let you decide whether to install them via Windows Update's Change Settings dialog. Microsoft

Step two: Visit the Windows Update site (or Microsoft Update, as the case may be) to download updates manually if the PC has been off for a long while.

Perhaps a better destination for your first stop after an extended period offline is Secunia's Online Software Inspector or free Personal Software Inspector.

Both the online scan and downloaded program will check Windows and many applications on your PC to ensure that you're using the latest versions available. The client-based scan recognizes more programs than the Web-based service.

Step three: Enable Windows' built-in firewall.

This tip is way out-of-date. On the good side, the defenses built into Windows XP and Vista have improved considerably over the last three years. Unfortunately, they haven't improved enough to trust the safety of your system and private information to Windows alone. In my opinion, you simply have to use a security suite.

In the absence of a commercial security suite, you should activate the firewall and other security features in Windows Defender. But that's just not good enough. There are plenty of free antivirus programs, bidirectional firewalls, and anti-spyware programs. You'll also find a lot of security add-ons for the Firefox browser.

The problem is in managing several different security programs, any of which could conflict with some other app on your PC or with Windows itself. That's one of the principal advantages of a security suite: you can be pretty sure the various components will work well together, and you're dealing with only one vendor, for better or worse.

You can compare the virus-detecting ability of various security programs by perusing AVTest's most recent results, which include tests of the 2009 editions of most big-name security apps.

Next up are steps four, five, and six, which include keeping your browser safe. That will be the subject of my next post.

About the author

    Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments