Support in other languages: 
Showing results for 
Search instead for 
Do you mean 
Reply
Maliha
Posts: 3,224
Registered: ‎07-31-2008
Location: Pakistan
0
Accepted Solution

My security software and OS are always current, do I have to worry about something else?

I always keep my operating system and security software such as AV and firewall up-to-date. I know I'm not 100% safe out there (Sony's PSN outage, anyone?), but is that enough for a typical user? Do I have to worry about something else?

 

Thanks!

------------------------------------------------------------

Maliha (I don't work for lenovo)
ThinkPads:- T400[Win 7], T60[Win 7], IBM 240[Win XP]

IdeaPad: U350

Apple:- Macbook Air [Snow Leopard]
Did someone help you today? Compliment them with a
Kudos!
Was your question answered today? Mark it as an Accepted Solution
de.gif  Lenovo Deutsche Community   es.gif  Lenovo Comunidad en Español 
Visit my YouTube Channel

Lenovo Technology Partner
PCBruiser
Posts: 12
Registered: ‎11-27-2011
Location: Pennsylvania, US

Re: My security software and OS are always current, do I have to worry about something else?

Hi,

 

Yes, in my view.  Some important suggestions:

 

1.  If you have broadband, use a router/firewall behind the broadband entry point.  Having said that, many ISPs are providing broadband modems with built in router and firewall capabilities.  If you have an ISP supplied modem which you suspect contains a router/firewall, call your ISP and ask.  If the modem does indeed have a router/firewall, ask your ISP how you can tell if the router/firewall has been turned on.  As with any security system (software or hardware) they should be kept up to date.  Router/firewalls are actually small low powered computers.  Their "firmware" or built in software, should always be kept up to date.  ISPs will usually push firmware updates to your router/firewall/modem if it is their hardware.  If you purchased one yourself, make sure to periodically visit the manufacturer's site to check if new firmware has been released.

 

2.  Learn more about the nature of malware threats on the Internet.  Visit specialized sites like mine (SpywareHammer) or other UNITE members to follow what types of malware they are seeing, and how they infected victims systems. 

 

3.  Use safe browsing.  Limit your exposure on social networks like Facebook and Twitter by keeping your data private and secure.  Be wary and suspicious of everything you receive in your email - there is a lot of fake stuff out there, and phishing is rampant these days.  Most of all, be smart, and always watch for potential scams or unsafe sites.

 

4.  If you ever suspect your system is compromised, get it checked at a known site that does malware removal.  UNITE is a good guide for reputable well known trustworthy sites that do proper malware removal.  And, our sites are all completely free - we never charge for our services.

 

 

Don't Read? Can't Learn!
Administrator, SpywareHammer.com
Microsoft MVP
Corrine
Posts: 66
Registered: ‎11-03-2011
Location: Upstate, NY

Re: My security software and OS are always current, do I have to worry about something else?

[ Edited ]
"UNITE is a good guide for reputable well known trustworthy sites that do proper malware removal."

True, although the sites listed at UNITE is limited to sites which also host training facilities.  A fairly comprehensive list of sites providing malware removal help by trained analysts, including non-English language help sites, that I compiled is available here.  [Edited to correct URL formatting.]

 

Should anyone need to seek help at one of the malware removal forums, be sure to read the instructions provided at the site where you seek help as the instructions may vary from site to site.

Microsoft MVP, Consumer Security
Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!
Twitter: http://twitter.com/SecurityGarden
Security Information and Malware Removal @LandzDown Forum
Fanfold Paper
mlande
Posts: 5
Registered: ‎11-11-2011
Location: Not Provided

Re: My security software and OS are always current, do I have to worry about something else?

Security is never passive and there are a host of 'safe hex' practices you should follow. But it would take more than a forum response to adequately address all of these so I will address only your patching question.

 

Keeping your OS and security software up to date is only part of the battle. Most malware today is distributed via the Web and most of those exploits are via third-party plugins such as Java, Adobe Reader/Acrobat, Flash, Quicktime, etc. Many of these third-party plugins come pre-installed so many users may not even be aware of their existence. But left unpatched, they can quickly lead to silent drive-by infections.

 

Qualys has a handy (and free) online tool that will check the patch level of these third-party plugins and let you know what needs updating: https://browsercheck.qualys.com/

 

Other installed software can also cause a problem. Secunia Online Inspector is a free and quick way to check the patch status of these: http://secunia.com/vulnerability_scanning/online/

 

Visiting both of these sites at least monthly for a quick checkup will help ensure all the needed critical patches are installed.

Microsoft MVP
Corrine
Posts: 66
Registered: ‎11-03-2011
Location: Upstate, NY

Re: My security software and OS are always current, do I have to worry about something else?

Great information, mlande!  There is also a installable version of the Secunia program, Secunia Personal Software Inspector (PSI).  The Secunia programs will only provide information about security updates, not version changes that do not address security vulnerabilities.

 

Something to think about is that a lot of people have Java because it was part of the original setup.  However, it really isn't needed.  Following reasons why someone may need Oracle Java installed on their computer:

  • Playing on-line games generally requires Java.
  • With OpenOffice, Java is needed for the items listed  here . 
  • It used to be that Java was needed for websites to be properly displayed. However, that is generally not the case now with Flash having taken over.
  • There may be commercial programs that depend on Java. If Java is needed for a software installed on your computer, there should be a prompt for it.
Microsoft MVP, Consumer Security
Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!
Twitter: http://twitter.com/SecurityGarden
Security Information and Malware Removal @LandzDown Forum
Lenovo Technology Partner
CyrusR
Posts: 10
Registered: ‎11-29-2011
Location: PH

Re: My security software and OS are always current, do I have to worry about something else?

Hello,

 

Yes, the things that are mentioned above are correct.  You should not limit the updates on your OS and AV products alone, you should also make sure to get the updates/patches of the softwares that you're using on your computer.  A good example that was mentioned already was Adobe.  There are multiple vulnerabilities that were discovered on their Acrobat product and they released updates/patches to address those.

 

Another one is your browser (Firefox, Chrome, etc.).  The developers of these browsers are also releasing updates and patches to address the vulnerabilities found on their softwares.

 

Regards,

Cyrus

goretsky
Posts: 1,972
Topics: 19
Kudos: 352
Solutions: 138
Registered: ‎12-01-2007
Location: California, USA

Re: My security software and OS are always current, do I have to worry about something else?

[ Edited ]

Hello,

 

As Microsoft has hardened recent versions of Windows and Office against attack, attackers have renewed their efforts to attack other parts of the software ecosystem.  In particular, Adobe Reader, Adobe Flash and the Oracle (formerly Sun) Java runtimes are all commonly targeted due to their ubiquity and being rich frameworks that allow all sorts of third-party constructs.  These programs all contain update mechanisms which allow them to update themselves, but sometimes a vulnerability may not be patched for a while, which allows for all sorts of exploits to be crafted.

 

As previously mentioned, Secunia's Personal Software Inspector, or PSI, for short, is a good solution for home users who want to check their computers for out-of-date programs.

 

 

Regards,

 

Aryeh Goretsky

 



I am a volunteer and neither a Lenovo nor a Microsoft employee. • Dexter is a good dog • Dexter je dobrý pes
S230u (3347-4HU)X220 (4286-CTO)W510 (4318-CTO)W530 (2441-4R3)X100e (3508-CTO)X120e (0596-CTO)T61p (6459-CTO)T43p (2678-H7U)T42 (2378-R4U)T23 (2648-LU7)
de.gif  Deutsche Community es.gif  Comunidad en Español ru.gif Русскоязычное Сообщество
Bugbatter
Posts: 726
Registered: ‎05-01-2010
Location: USA

Re: My security software and OS are always current, do I have to worry about something else?


Corrine wrote:
"UNITE is a good guide for reputable well known trustworthy sites that do proper malware removal."

True, although the sites listed at UNITE is limited to sites which also host training facilities. 




I usually recommend UNITE sites because of the training facilities. That way we know their staff is top-notch because they are constantly staying updated on new threats and removal techniques.

 

Trend Micro also a has list of recommended malware removal forums:
http://hjt-data.trendmicro.com/hjt/analyzethis/index.php


If you find a post helpful and it answers your question, please click the "Accept As Solution" button.

Lenovo Advocate ~ I am not employed by Lenovo or Microsoft. I am a volunteer.

Microsoft MVP - Consumer Security

SpywareHammer