WHEN WE visit friends or relatives for a few days, I often find myself staring at a strange computer, trying to fix a problem or install new hardware or software. When you write a column like this one, it's an occupational hazard.
On our current trip, I volunteered to set up a wireless network for my cousin so she could use her laptop on the patio (thankfully, she lives far from the Snowbelt). Her four-year-old Sony VAIO seemed to be in reasonably good shape, but as a rule, I visit Microsoft's Windows Update Web site to make sure the operating system is current before I install anything new.
Wow! When the Web site finished its scan, Microsoft informed me that there were 44 updates waiting to be downloaded, many of them critical security patches. These are designed to protect against hackers who use viruses, Trojan horses and other invaders that can corrupt the operating system, steal credit-card information or take over a home computer completely and use it as a spamming tool or a launching pad for Internet attacks on other PCs.
Suspecting that I was facing an unretouched version of Windows Millennium Edition, I asked my cousin whether she had ever updated the operating system. Her reply: "Well, I get those messages sometimes, but to me it looks like they're just wasting my time. So I always say no."
In a kinder and gentler world, that attitude might have been entirely reasonable - after all, if your computer's working OK, why fix something that isn't broken?
Unfortunately, we live in a very dangerous world - certainly as far as the Internet is concerned. Hackers are constantly devising new attacks, and if Microsoft itself once took a laissez faire attitude toward patching security holes, it has definitely cleaned up its act over the past two years.
The company releases monthly updates - not only for Windows XP, but also for some earlier versions of the operating system and other programs that might be vulnerable. It is not difficult to get the updates you need. The latest release of Windows XP (Service Pack 2) automatically checks for updates and will install them in the background.
Earlier versions of Windows may not be set up to chase updates automatically, but it's easy enough to do on your own. Just click the start button and choose Windows Update from the popup menu. If you don't find it there, you can just point Internet Explorer to http://windowsupdate.microsoft.com.
If you normally use another browser, such as Mozilla Firefox, you'll have to run IE for this job.
Once you're at the update Web site, Windows will check to see whether you have the latest downloading software loaded. If not, you'll be asked to approve the installation. Then the software will scan your system to see what's been installed already and present you with two lists of potential updates.
The first list is the important one. It contains priority updates that will fix general flaws in the operating system and patch security holes. You should generally download all of these. For Windows XP users, it's important to download Service Pack 2 (SP2), which puts together many key security fixes.
A secondary list contains updates to application programs that may be nice to have but aren't necessary, such as new versions of Media Player or Web browser support for a variety of non-European languages. Take care of the critical updates first.
Once you've chosen the updates you want, the computer will download and install the software automatically. This can take a while (almost forever over a dial-up connection). Unfortunately, some updates must be downloaded and installed by themselves, instead of as part of a package. And since many updates require you to restart the computer, you'll have to baby-sit the process. But it's well worth the investment in time.
Speaking of security, Microsoft may be getting serious about making protection from viruses and spyware part of the operating system. Although it has spent hundreds of millions on enhancements to Windows and its accessories over the years, it has largely left security to third-party developers, such as Symantec and McAfee.
Unfortunately, that puts the burden of buying and installing security software on the user, and as my experience this week illustrated, there are still plenty of folks out there who haven't gotten the message. In a world where the consequences of an unprotected computer were strictly personal, this wouldn't necessarily be a serious problem. But millions of unprotected computers have been hijacked and turned into spam or Internet attack "zombies" that annoy or threaten others. As a result, individual computer security is now a community issue.
To deal with some of these problems, Windows XP Service Pack 2 contains an improved firewall that turns itself on by default. That offers a degree of protection, although it's not as good as commercially available products. SP2 also monitors the system for antivirus software and warns you if it's out of date.
In recent months, Microsoft has also offered two free programs that can help ward off intruders. One is designed to detect and remove security threats such as Blaster, DoomJuice, MyDoom, Sasser and Zindos. The other is a beta version of a spyware removal tool (beta means that it's not quite finished but probably will do more good than harm).
These aren't as good as commercial products, but I've tried both on a variety of PCs and they haven't done any damage, which is the golden rule of software. You can get them yourself by visiting www.microsoft.com/security/.
Even with these helpful additions to Windows, if you're really interested in keeping your computer secure today, and preventing hackers from using it to do harm to others, you still have to take responsibility for yourself.
Keep the operating system up to date. Install a good Internet protection suite that includes an antivirus program and firewall. Don't click on pop-up windows while you're browsing the Web. And never open an e-mail attachment if you don't know the source.