Protecting Your PC

Enable automatic updates for Windows
To prevent a malware-free PC from becoming infected, I would recommend enabling automatic updating for Windows.

  • This will automatically install all security and high priority updates very quickly as they become available. You will only be prompted to restart your computer in order to install the updates (i.e. for them to take effect). Please restart as soon as possible.
  • For instructions on how to enable automatic updates, please see the appropriate link below. You should only need to set this up once. Once complete, it is a significant time saver.

Windows Vista
http://windows.microsoft.com/en-us/windows-vista/Turn-automatic-updating-on-or-off

http://windows.microsoft.com/en-us/windows-vista/products/features/security-safety

Windows 7
http://windows.microsoft.com/en-US/windows7/products/features/windows-update

Windows 8.1
http://windows.microsoft.com/en-us/windows-8/windows-update-faq

Windows 10
http://pcsupport.about.com/od/keepingupwithupdates/f/windows-updates.htm

Installing updates for Linux distributions
Ubuntu
https://wiki.ubuntu.com/Security/Upgrades and https://wiki.ubuntu.com/SoftwareUpdates

Debian
https://www.debian.org/doc/manuals/debian-faq/ch-uptodate.en.html

Kubuntu
https://askubuntu.com/questions/102958/is-there-an-update-manager-for-kubuntu

Install updates for Apple Mac OS X
https://support.apple.com/en-us/HT201541

Install anti-malware software
Both paid for and free versions are available (e.g. Malwarebytes, Avast, Microsoft Security Essentials etc.). Apple Mac OS X and Linux versions are also available (the provided links are examples of the many products available). Please choose a package that meets your needs in terms of functionality and price.

Uninstall any programs that you no longer use
The fewer applications you have installed on your computer, the fewer updates you will need to install. This is also called attack surface reduction: with fewer applications installed there are fewer targets (less code installed/available to exploit), so there is less chance that a security vulnerability can be exploited on your PC.

Automate the updating of your installed programs

Ensure you install and use the Secunia PSI to notify you of any available security updates for the programs that you have installed. Please follow its recommendations to install or download then install all applicable updates as soon as possible to minimize the risk of infection.

  • I mentioned “install or download then install” updates above since Secunia PSI can detect and download some updates and then asks to install them. Other updates may need to be downloaded manually and then installed. However, Secunia PSI takes the effort out of knowing about the update and locating the correct download for you; you need only download and install it.
  • If possible try to install all of the updates together and restart the computer only once (if a restart is necessary). Installing all the updates together is more efficient (once complete you can resume using your computer as normal) and will minimize the time and impact that installing security updates has on your day to day usage of the computer.
  • If possible try to install the updates during a time of day that is suitable for you i.e. when you are not using your computer for time/deadline critical work. This may be the end or the start of your day or during lunch.
  • Many people avoid installing updates time and time again because updates interrupt their work/use of the computer. This is a valid criticism, but updates should be prioritized: installing them is a temporary inconvenience, and you can control when it happens. A malware infection is out of your control and is a far bigger inconvenience.
  • If you still can’t find the time to install updates, allocate a few minutes of your time at the weekends if you are using a laptop that you can take with you. If not, try to make installing security updates the last thing you do before you leave work on a Friday. If you have time, allow all updates to install (or the most critical updates if you are short on time). When you begin work on Monday, your computer is fully up to date and security hardened (or at the very least the most crucial updates are installed), ready for the week ahead.

Alternatively if you don’t have the time to perform these updates you could hire someone to do it for you while you concentrate on your day job and/or running your business. Examples of companies that provide this would be this page and this page (among others that are available).

However, if your computer is managed by your company's IT department, you should ask their permission before having anyone external to the company work on your computer. Such actions could violate the company's security policy. If you have an IT team, consider asking them if they can automatically apply software updates for you if you don’t have the time to do it. While it may not be their job to do this, they may have some useful suggestions to offer that may help you.

Further Harden Your Computer Against Attack
Follow all of the recommendations in the following Microsoft Security article:

http://windows.microsoft.com/en-us/windows/understanding-security-safe-computing#1TC=windows-7

  • Installing and running up-to-date anti-malware software with an active firewall is a significant defense against further infection. Since Microsoft Security Essentials is free, you can use a reputable anti-malware product at no cost.

Disable Autorun for Removable Media
To prevent the spread of certain forms of malware that propagate to all accessible external drives/network drives, please ensure that the update discussed in the Microsoft Security advisory (below) is installed (for Windows XP and Windows Vista). Windows 7 and Windows 8.1 already include this security feature:

http://technet.microsoft.com/en-us/security/advisory/967940
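
To check the related Autorun policy on a PC, the following PowerShell is an added example (not from the original page or from Microsoft). It decodes the NoDriveTypeAutoRun policy bitmask, a registry setting this page does not itself mention and which is separate from the update in the advisory; the helper function names and the two sample masks are constructed for illustration.

```powershell
# Added example: decode the NoDriveTypeAutoRun policy bitmask.
# A set bit means Autorun is DISABLED for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown drive types' = 0x01
    'Removable drives'    = 0x04
    'Fixed drives'        = 0x08
    'Network drives'      = 0x10
    'CD-ROM drives'       = 0x20
    'RAM disks'           = 0x40
    'Reserved (unknown)'  = 0x80
}

function Get-AutorunCoverage {   # hypothetical helper name
    param([Parameter(Mandatory)][int]$Mask)
    foreach ($entry in $DriveTypeBits.GetEnumerator()) {
        [pscustomobject]@{
            DriveType       = $entry.Key
            AutorunDisabled = [bool]($Mask -band $entry.Value)
        }
    }
}

function Get-AutorunPolicyMask { # hypothetical helper name
    $sub = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    # Machine-wide (HKLM) policy is checked first, then the per-user one.
    foreach ($hive in 'HKLM:', 'HKCU:') {
        $item = Get-ItemProperty -Path "$hive\$sub" -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
        if ($null -eq $item) { continue }
        $raw = $item.NoDriveTypeAutoRun
        # The value may be stored as REG_BINARY; the mask is the first byte.
        if ($raw -is [byte[]]) { $raw = $raw[0] }
        return [pscustomobject]@{ Hive = $hive; Mask = [int]$raw }
    }
}

# Constructed sample masks (not read from any real machine).
foreach ($sample in 0x91, 0xFF) {
    'Sample mask 0x{0:X2}' -f $sample
    Get-AutorunCoverage -Mask $sample | Format-Table -AutoSize
}

# Live check: report the policy actually set on this PC, if any.
$policy = Get-AutorunPolicyMask
if ($policy) {
    'Policy found in {0} with mask 0x{1:X2}' -f $policy.Hive, $policy.Mask
    Get-AutorunCoverage -Mask $policy.Mask | Where-Object { -not $_.AutorunDisabled }
} else {
    'NoDriveTypeAutoRun is not set; Windows defaults apply.'
}
```

Any rows printed by the live check are drive types for which the policy still allows Autorun; a mask of 0xFF disables it for every drive type.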

Further Steps to Take to Improve your security (requires more time and effort)
Update: Please note that Microsoft EMET is in the process of being retired with the end of support scheduled for the 31st of July 2018. Further details are available in this blog post.

Install and use Microsoft EMET (Enhanced Mitigation Experience Toolkit) (please see my blog post on version 5.5 of EMET here):

About EMET:
http://support.microsoft.com/kb/2458544

Enhanced Mitigation Experience Toolkit (EMET) version 5.5 is now available (February 2016):
http://blogs.technet.com/b/srd/archive/2016/02/02/enhanced-mitigation-experience-toolkit-emet-version-5-5-is-now-available.aspx

EMET 5.2 is available (update):
http://blogs.technet.com/b/srd/archive/2015/03/16/emet-5-2-is-available.aspx

EMET 5.1 is available:
http://blogs.technet.com/b/srd/archive/2014/11/10/emet-5-1-is-available.aspx

Announcing EMET 5.0:
http://blogs.technet.com/b/srd/archive/2014/07/31/announcing-emet-v5.aspx

Information detailing how EMET can be used to protect un-patched software:
http://blogs.technet.com/b/srd/archive/2011/07/12/mitigating-software-vulnerabilities.aspx

White Paper discussing the security mitigations that EMET contains (applies to older versions of EMET):
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=26788

Introductory video to Microsoft EMET (please see the Featured Video at the following link):
http://technet.microsoft.com/en-us/security/jj653751

Microsoft EMET Support Forum (also has useful information about configuring EMET):
http://social.technet.microsoft.com/Forums/en/emet/threads

Microsoft EMET v5.2 is a tool that I have installed on all of my Windows 8.1 64 bit and Windows 7 64 bit PCs. It works very well and is an extra layer of protection against malware.

I have enabled EMET on all of my Microsoft Office programs, my internet browser, my Adobe PDF reader and other programs (not games or security software) that I use frequently (especially if that application accesses the internet). I have not experienced any stability issues with Microsoft EMET but please ensure to test its effect on your programs thoroughly.

Use a standard user Windows account
This is a technique discussed in the above Microsoft Security article and more recently in a blog post. This is a technique that can provide a significant additional layer of security.

I use this approach when using my computers for day to day use. There is no requirement to use an administrator account when using your computer for day to day tasks. You can still install programs and make settings changes by entering the password for your administrator account when prompted to do so by Windows 8.1 or Windows 7.

If you need to make a long list of changes to your computer, for convenience you can switch back to your administrator account to make these changes and return to your standard account once completed.

Check shortened URLs before visiting them
Always think before clicking a URL, especially a shortened URL (e.g. bit.ly or tinyurl). If the URL came from a friend in an email or IM conversation, verify that your friend actually sent the email/IM and that their email/IM account has not been compromised and is not being used to send emails or IMs containing malicious links.

For shortened URLs, use a preview service to view their actual destination e.g.

http://www.longurl.org/ or http://www.urlunshortener.com/

Malware Removal Tools:
For a detailed list of tools that can be used to remove existing malware infections from your computer or to ensure that your computer is malware free, please see the Tools and Resources page.

Information on Security Updates
For more information about the latest security updates, whether you wish to check if you are missing any updates or if you wish to obtain more information on the changes made within the security updates for popular software please see the following sources:

Microsoft TechNet Security:
http://www.microsoft.com/technet/security/default.mspx

Security Updates Calendar:
http://calendarofupdates.org/index.php#c11

The calendar can also be viewed using the following categories: General Software, Security Software and Utilities.

Brian Krebs: Time To Patch:
http://krebsonsecurity.com/category/patches/

US Computer Emergency Readiness Team (CERT) provides a useful website to stay up to date on current malware threats and security updates:
https://www.us-cert.gov/

Adobe Security Updates:
http://blogs.adobe.com/psirt/

http://blogs.adobe.com/asset/

Security News
Please find below some links to sites/blogs that I check regularly in order to keep up to date with the latest security threats/malware:

Microsoft Cyber Trust Blog:
http://blogs.microsoft.com/cybertrust/category/cybersecurity/

Kaspersky ThreatPost:
https://threatpost.com/

Sophos Security Blog:
http://nakedsecurity.sophos.com/

Symantec Security Response Blog:
http://www.symantec.com/connect/symantec-blogs/sr

Symantec Securityfocus:
http://www.securityfocus.com/bid

Microsoft Malware Protection Center:
http://blogs.technet.com/b/mmpc/

Microsoft Security Response Blog:
http://blogs.technet.com/msrc/

Microsoft Security Research & Defence Blog:
http://blogs.technet.com/b/srd/

Additional Online Malware Scanners
In addition to VirusTotal, the online malware scanner, there is another alternative online malware scanner that you may wish to try:

Virus Scan by Jotti:
http://virusscan.jotti.org/
