OUCH!
November 2009
SANS Institute Security Newsletter for Computer Users
***********************************************************************
* Keep an Eye on Window's Security Icons * OS X Security Enhancements
* Software Patches and Updates
***********************************************************************
* Keep an Eye on Window's Security Icons. The icons in the Notification
area (located on the Taskbar usually near the lower right corner of your
desktop) provide important information about the security of your
computer. Pay particular attention to the icons for Windows Update,
Windows Security Center, and your security software.
Heads-up! If you see only a few icons or none at all, odds are they've
been hidden. Unhide them:
http://www.techf5.com/archives/unhide-view-hidden-icons-on-taskbar/
- - Windows Update. A yellow shield with a black exclamation point in the
middle near the lower right corner of your desktop in the Notification
area. This icon comes and goes. It appears when Windows Update is busy
downloading or installing critical security updates intended to patch
security holes and help keep your computer safe. When you touch the icon
with your cursor, a bubble message tells you what Auto-Update is doing.
It may be busy downloading updates. Avoid logging off or shutting down
your system until the download and installation are complete. If it has
finished downloading updates, it may be waiting for the nod from you to
install them. Click on the icon and tell it to go ahead. Or your
computer may need to be restarted in order to complete the installation.
The sooner you restart your system, the sooner the updates will take
effect.
Heads-up! The Auto-Update icon won't appear if Automatic Updating is
turned off. Make sure Auto-Update is turned on and has the recommended
settings:
http://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off
If it's been some time since updates have been applied to your computer,
Automatic Updates will do its best to get your system caught up, and
you'll be seeing a lot of that yellow shield icon for a while. Keep
touching it with your cursor whenever it appears, and when prompted, do
your part to keep the update process going. Also, if you cannot get
Auto-Update to turn on or think something has gone wrong, call the help
line provided by the maker of your computer, your Internet Service
Provider (ISP), or a computer consultant.
Heads-up! Sometimes when you select Shut Down, your computer will ask
you if you want to "Install updates and shut down", or will just tell
you it's going to install updates. It's very important that you let your
computer go ahead with installing updates. Do not shut it off manually.
Updating could take an hour or more. It pays to be patient. Also,
Microsoft will NEVER send you an email telling you to click on a link
to get software updates. If you get such an email, it's bogus.
- - Windows Security Center. A red shield with a white X in the middle
near the lower right corner of your desktop in the Notification area.
This icon comes and goes. (You may also see a balloon message.) Whenever
the icon appears, that's your queue to find out what's gone wrong. Click
on the icon or the balloon to open the Security Center, which tells you
the status of the (software) firewall, Automatic Updates, and your Virus
Protection. When all is well, you will see three green bands. A yellow
band means that an adjustment is needed; follow the onscreen
instructions. If you see a red band, an essential security system is not
working. Avoid using your computer until it is working. Your best course
of action is to call the help line provided by the maker of your
computer, your Internet Service Provider (ISP), or a computer
consultant.
Heads-up! A common cause of Windows Security Center alerts is that your
security software is not working or is out-of-date. Read the explanation
for the alert, and then click on "Recommendations." Chances are it is
time to renew your subscription. If your subscription is not current,
your computer will be vulnerable to malware (viruses and worms). Do not
wait for it to expire.
- - Your Security Software. This icon should appear on the Taskbar at all
times. Every brand of security software has its own icon or icons, many
of which are round or shaped like a shield. Identify the icon for your
security software by touching the unfamiliar icons at right end of the
Taskbar, near the lower right corner of your desktop in the
Notifications area. A small pop-up or balloon will tell what you have.
Common security software brands include Symantec, Norton, McAfee,
Kaspersky, Sophos, Panda and BitDefender. Security software icons often
signal an alert by changing color, flashing, or popping up a message.
Pay attention to any change in the icon's appearance. It may be good
news-that your security software has been updated successfully or has
blocked a threat to your system-or that it's time to get out your credit
card and renew your subscription.
Heads-up! If you can't find an icon for security software, your system
may not be protected against malware (viruses and worms). Play it safe
by not using your computer until you are sure that your security
software is working and up-to-date. Also, while many PC's come with
security software pre-installed, these are often limited-time trial
versions that expire after 30-90 days. Security trialware generally lets
you know in no uncertain terms that it is expiring, so send money!
* Quick Checklist
- - Make security icons visible on the Taskbar. Keep an eye on them.
- - Enable Automatic Updates. When prompted, do your part to get them
installed and working.
- - Use good-quality security software, keep it updated, and do not let
it expire.
***********************************************************************
* OS X Security Enhancements
- - Users of OS 10.5 and 10.6 can set Software Update to download
important updates in the background without your intervention. Once the
updates have finished downloading, OS X will notify you onscreen that
new updates are ready to be installed. Don't delay installing updates.
Some Mac users have not gotten used to idea that updating your software
is no longer optional. From a security standpoint, it's essential. Also,
if you are running OS 10.4 or earlier, make sure that Software Update
is checking for updates once a week, as Apple recommends. Go to System
Preferences, click on the Software Update icon, and schedule a check.
http://support.apple.com/kb/HT1338
- - Changes in the newest version of OS X, Snow Leopard, broke some
security software-an unwelcome surprise not only for users but also for
security software manufacturers-and rekindled the debate about whether
or not Macs need security software in the first place. Not long after
Snow Leopard hit the street, Apple added malware protection, dubbed
xProtect, via an update. The feature pops up a window warning users who
try to install applications known to be malicious that the file will
damage their computer and should be moved to the Trash.
***********************************************************************
* Patches and Updates
Windows & PC Office: http://update.microsoft.com and
http://www.microsoft.com/security/updates/bulletins/200910.aspx
OS X: http://support.apple.com/kb/HT1338
Mac Office:
http://www.microsoft.com/mac/help.mspx?CTT=PageView&clr=99-0-0&ep=7&target=ffe35357-8f25-4df8-a0a3-c258526c64ea1033
iPhone/iPod: http://docs.info.apple.com/article.html?artnum=305744
iPod: http://support.apple.com/kb/HT1483
Windows Acrobat Reader:
http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows
OS X Acrobat Reader:
http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh
Flash Player: http://get.adobe.com/flashplayer/
Firefox: http://www.mozilla.com/en-US/firefox/update/
Safari: http://www.apple.com/downloads/macosx/apple/application_updates/safari.html
Opera: http://www.opera.com/
Chrome: http://googlechromeupdate.com/updates.html
Java: http://www.java.com/en/download/manual.jsp
iTunes: http://www.tuaw.com/2009/09/22/itunes-9-0-1-now-in-software-update/
Symantec: http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2002021908382713
Norton:
http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=n95
McAfee: http://www.mcafee.com/apps/downloads/security_updates/dat.asp
Kaspersky: http://www.kaspersky.com/avupdates
Sophos: https://secure.sophos.com/support/updates/
Panda: http://www.pandasecurity.com/homeusers/downloads/clients/
BitDefender: http://www.bitdefender.com/site/view/Desktop-Products-Updates.html
Microsoft Security Essentials:
http://www.microsoft.com/security/portal/Definitions/HowToMSE.aspx
***********************************************************************
Copyright 2009, SANS Institute (http://www.sans.org)
Editorial Board: Bill Wyman, Walt Scrivens, Barbara Rietveld, Alan Paller.
Email: OUCH@sans.org
Download the formatted version of the OUCH! at
https://www.sans.org/newsletters/ouch Permission is hereby granted for
any person to redistribute this in whole or in part to any other persons
as long as the distribution is not being made as part of any commercial
service or as part of a promotion or marketing effort for any commercial
service or product. We request that redistributions include attribution
for the source of the material.
