March 14, 2005
Q: I have Windows XP and my computer is working fine, plus I am behind a router, and I have Norton Antivirus and a firewall. I want to know if there is any need to install the Microsoft critical updates?
Is my computer protected enough with the software and router? — Jesse
A: With all the information swirling around about the dangers of online life, it can get very confusing as to what you should and shouldn’t be doing to protect yourself.
How many layers of security should you use? When does installing additional security go from concern about protection to paranoia?
There are several things that I consider must-haves for any Internet-connected computer. Those who are connected to a broadband or highspeed Internet connection such as DSL or cable should have a router, a piece of hardware that acts as a 24/7 shield between your computer and the rest of the Internet.
The reason broadband users need extra protection from the Internet is because they are always on the network.
This means that whether you are surfing the Net or not, your computer is physically connected to every other computer on the Internet, giving malicious users the opportunity to try to access it.
A hardware router acts sort of like the invisibility cloak in the "Harry Potter" movies — allowing you to stay connected without being noticed.
It also generally comes with additional ports to add other computers safely, creating a hardware "firewall" between your computers and the rest of the world.
Any firewall or router can be compromised as soon as a file that has a Trojan horse or other malicious code hidden in it is opened. Once the file is opened, it opens up a back door and punches a hole through the cloak, inviting outsiders into your system.
Antivirus software is an essential component, because it helps ward off malicious code that can get past the router, through e-mail attachments and file downloads from other Internet sources.
The moment you attempt to open an infected file that will compromise your security, the antivirus program is tasked with stopping the process and warning you.
The point of installing Microsoft’s critical updates is to plug as many holes as have been discovered that would allow malicious code to get around your router, antivirus software and firewalls. In other words, implementing a router, antivirus and firewall software can all be for naught if you don’t update Windows on what it should and should not allow to happen. Critical updates turn off or modify many unneeded functions that can be used against you.
Many new attacks can be launched via a Web browser or e-mail preview window without any real interaction from the user (aka drive-by downloads), if the latest critical updates have not been applied.
These new attacks often start wreaking havoc by disarming your security and protection software and sending out a beacon to the rest of the malcontents on the Internet, because you skipped a step that would have kept them out.
If you have Windows XP it should, by default, be downloading the latest updates and notifying you that they are ready to be installed.
If you are not sure where you currently stand on critical updates, you can visit http://windowsupdate.Microsoft.com to have Microsoft scan your system and let you know what you are missing and turn on the Automatic Updates if they are currently turned off.