Protecting your computer from unwanted guests: software patching

Patching is an important part of protecting a computer from unwanted guests. It is that process where we like to hit 'Install later' when a new patch becomes available.

Windows updates should be straight forward and already set to automatically run when new patches come in. To check that this is in fact the case do the following:

Click Start -> Control Panel -> Windows Update. On the left hand side click 'Change settings.' In the 'Important updates' section click the drop down and select 'Install updates automatically (recommended).' Set a date and time. Mine are set to 'Every day' and at '3 a.m.'

For all non-Microsoft software use Secunia Personal Software Inspector (PSI). This is a free tool for home (commercial is paid) use that goes out and grabs and installs all the updates for most of the third party software installed on a machine. Some updates will require manual installation, but most won't require any action from you at all. Simply download, install, and forget. Well, except for the manual installs that should be checked for every once and a while. 

This post first appeared on Exploring Information Security.

Protecting your computer from unwanted guests

My brother and I in Holland, in a big ass clog, keeping out feet protected from bad...things.

My brother and I in Holland, in a big ass clog, keeping out feet protected from bad...things.

My brother recently contacted me about an incident involving a tech support scam. Luckily, the scam was caught before anything serious happened and one good thing came out of the episode, which leads me to this post and the next few posts. I will be going over some of the tools that can be used to keep unwanted guests out of a computer. All the tools I will be talking about are free, but will require some configuration and thinking.

Tools

Here are the four tools I recommend for avoiding those nasty Internet Transmittal  Diseases (ITD):

  • Microsoft Security Essentials - Anti-virus

  • Secunia Personal Software Inspector (PSI) - Software patching

  • Microsoft Enhance Mitigation Experience Toolkit (EMET) - Computer hardening

  • Mozilla Firefox with NoScript plugin - Safe browsing

  • BONUS: Turn on click-to-play in browsers

I want go in-depth on Microsoft Security Essentials and turning on click-to-play in browsers. For Security Essentials, go to the download page, download, and install. Simple as that. There aren't many settings for the anti-virus program and that's a good thing. Anti-virus is largely mocked within the infosec community, because it's easy to circumvent, and that includes the $40-60 big name anti-virus companies of the world. Still, it has saved my bacon a time or two and worth installing, especially if it's free like Security Essentials.

I covered click-to-play in my last post and provided a link to a pretty good article that goes through how to turn on click-to-play in all the browsers. No need to reinvent the wheel, so here's the link again. Click-to-play is easy to turn on and easy to get used to and helps with computer performance.

If any of the posts are unclear are you have a questions, please leave a comment or contact me directly.

This post first appeared on Exploring Information Security.

Patch Management - Secunia PSI

One of the best security pracitces within the computing industry is patching. Patching not only improves software by fixing bugs and adding features, but it also fixes vulnerabilities in software, that can lead to your computer to getting viruses or other malware. New vulnerabilities in the devices and programs are discovered on a daily basis, so It's very important that patches for operating systems, devices and any programs be applied regularly and when they become available.

Good patch management, though, can be a challenge and an annoyance to people who have only so many hours in the day and many other things to worry about. Luckily, there is a free tool that can help with getting patches installed regularly and, more importantly, with very little interaction. Secunia PSI is a free program I've been using for a while now to help with patch management on my computer, as well as my family and friend's computers.

Secunia PSI

Download the program, no sign-up is required (another excellent plus). Install the program and then open it.* Click 'scan now' to initiate a discovery scan of all the programs on your computer. At this point, you can return to your regularly scheduled computer programming. Really, that's it.

*Sometimes when you first try to open the program you'll get a message about it having problems connecting to the internet. Give it a few minutes and if it says it's still having problems, then reboot your computer.

Once Secunia has completed it's initial scan it will start patching programs on your system, automatically. There are some programs that will require a manual download and install, but Secunia PSI will provide you a direct link to the patch(s) that need to be applied.

There will be exceptions: Sometimes a program doesn't have a patch available yet; and other times applying a patch causes issues with other programs. The Secunia PSI tool will, however, get 80-90% of your programs patched with requiring any interaction from you.

Patch management is one of the most important things you can do to keep your computer safe from malicious activity. It's also one of the easiest things you can do, with the right tool.

If you have any questions feel free to leave a comment or contact me directly via email or Twitter.

This post first appeared on Exploring Information Security.