Enabling Automatic Updates for XP and Win2K
Recall that you may always manually update by pointing Internet Explorer to www.windowsupdate.com.
For Windows XP:
1. Left-click "Start" from the toolbar - this should raise a menu.
2. Right-click "My Computer" - this should raise another menu.
3. Left-click "Properties" - the "System Properties" dialogue should
appear.
4. Left-click the "Automatic Updates" tab.
5. Choose to "Keep my computer up to date" and set your preferences
underneath.
If you have changed the settings for your start menu, "My Computer" may not be accessible from the menu. If you can't temporarily revert to default settings, try:
1. Right-click "My Computer" on the desktop - a menu should appear.
2. Left-click "Properties" - a new window should appear with tabs.
3. Left-click the "Automatic Updates" tab.
4. Choose to "Keep my computer up to date" and set your preferences
underneath.
For Windows 2K:
Note: You will need at least Service Pack 3 to have this option available to you, otherwise you will have to manually update to acquire the latest Service Pack.
1. Left-click "Start" from the toolbar - this should raise a menu.
2. Left-click "Settings" - this should raise another
menu.
3. Left-click "Control Panel" - this should raise a dialogue
with a list.
4. Left-click "Automatic Updates" from the list - a new window will
appear.
5. Left-click the checkbox next to "Keep my computer up to date" - and
set your preference is the "Settings" dialogue beneath.
Enabling Automatic Updates for Mac Os X
1. Double-click "System Preferences" in the Applications folder.
2. Click "Software Update" under the System section.
3. Check the box next to "Check for updates:" and choose "Daily" from the drop-down menu.
4. Optionally, check the box for "Download important updates in the background."
Patching FAQs
What is a patch?
As the name implies, a patch is a fix. Applied to computers, it is a fix for a software problem. Patches usually come in the form of a program that is designed to fix (or patch) another program.
Why are patches needed? My program works fine!
In some programs, subtle bugs or loopholes are discovered that would allow an attacker to do something the program was not originally intended for. In most cases, these bugs are never seen by the common user while executing the program.
I don't understand how a "bug" could make me vulnerable.
Suppose a programmer wants a field that allows the user to enter a password. Now, if the programmer allowed only, say, 64 characters in memory to hold this password, and didn't check the entered length, what would happen if 65 characters were entered? The last character would overwrite a character in memory. By carefully crafting these overwriting characters, one has built a simple type of exploit called a buffer overflow.
Ok, I have many programs, how can I know if there are bugs?
Usually, the vendor of the software will respond to a bug report and release either a new version of the software (one form of a patch), or a program to fix the software (another form of a patch).
For the Microsoft Windows operating systems, the task is nicely automated - a website can check all the operating system components, and update them accordingly. The website is:
www.windowsupdate.com
You can also learn to set up windows to automatically update
itself.
How often should I check for updates, or patches?
The security team recommends checking once a week. It is also advisable to peruse some security related websites, for more up to date news on new bugs that are discovered, and new patches that may be applied. We recommend this website:
http://www.incidents.org
What if I don't run windows?
Users of unices varients sometimes have it tougher. Oftentimes, programs that listen on the internet (and are therefore susceptible to remote attacks) are separate from the operating system (eg OpenSSH, Apache), and therefore need to be checked for patches on an independant basis. While we know that Fedora linux has an automatic updates feature, users of other unices should probably consult with the vendor of their particular distribution (Mandrake, Slackware, SuSE, etc.)
