www.herald-journal.com
Microsoft operating system updates

November 19, 2007

by Mark Ollig

Last Wednesday morning, I walked over to my computer, as I do each morning . . . to check my e-mails before leaving for work.

The first thing I noticed was the computer had been “reset.”

Yes, the folks at Microsoft reached out (over the Internet) and added some security software protection updates to my computer.

There was a message in the lower right-hand corner of the screen telling me Microsoft had installed a critical Windows XP update and this update required my computer to be reset.

No, Microsoft is not the “Big Brother” George Orwell was talking about in his book . . . at least that is what I say to myself so I can sleep at night.

Yes, I still use the Windows XP operating system that came with my computer. For now, I do not see the immediate need for me to update to the newly-released Vista operating system.

I am, however, working on a future column where I would like to address the pros and cons concerning whether to upgrade to Vista or if it would be smarter to wait until I buy my next computer.

A new computer with the Vista operating system preinstalled means all the software applications and programs on it would already be “Vista compatible.”

Rest assured, your humble columnist will do his homework for this future column.

I would like to mention, while we are on the subject, that my youngest son, Andrew, is using the Vista operating system on his new computer without any problems (that I am aware of). He likes the speech recognition program that comes with Vista, which allows interaction with his computer – just by talking to it.

By using voice commands, he is able to dictate documents and e-mails, start and switch between software programs, control the Vista operating system, and even fill out forms on the Internet. He demonstrated this for me and, I must admit, it was amazing.

And now back to this week’s topic.

My home computer Internet connection is “always on” so the Microsoft update program runs automatically. I do not have to worry about remembering to get the updates.

Before I had a dedicated Internet connection, I used a telephone line for my dial-up access to the Internet.

A few years ago, in order for me to get the Microsoft updates downloaded onto my computer, I needed to access and run the Microsoft update program. I normally ran this once a week.

Getting back to this critical security update, I found out that the update removed a dangerous bug in Windows XP.

This security update is also applicable to the Windows Server 2000 operating system, as well.

However, Microsoft said this critical update did not apply to the Windows 2000 or the new Vista operating systems.

Microsoft gave this serious security fix its most urgent “critical” rating.

The update installed was the Microsoft MS07-061 and is, for the most part, “critical” because the fault it repairs has been seen in “Web-based attack code.”

The Microsoft web site described this threat in their Security Bulletin MS07-061 as a “ . . . critical vulnerability in Windows URI [Unique Resource Identifier] handling [which] could allow remote code execution.”

A perceptively high tech computer programmer could use this window of vulnerability to take over a computer that did not have this newly updated protection fix or “patch.”

Some individuals have misunderstood the term computer “hacker.” A computer “hacker” is actually defined as a highly talented computer programmer who seeks to gain unauthorized access to computer systems without malicious intent to change or destroy anything on the computer. It is a challenge. They just want to test their computer programming talents.

The computer “cracker,” on the other hand, will take advantage of this latest security vulnerability using the Windows Internet Explorer 7 web browser and possibly other vulnerable programs.

A computer cracker not only wants to gain illegal access to a computer, but also has malicious intent to cause damage to that computer system as their goal.

A cracker would do this in order for them to do things such as stealing passwords, deleting information, or using the computer they are controlling to send out spam e-mails.

To see if your Windows personal computer has all the current Microsoft updates and fixes, visit http://update.microsoft.com/microsoftupdate.

Windows users can visit this web site to get the latest updates and have them downloaded to their computer.

My computer is set to receive security and critical software updates, or “patches,” automatically. On your computer, go to the settings in the Microsoft Windows Control Panel and turn on the “Automatic Updates.” Now when you are connected to the Internet, Windows will automatically find and install any high-priority software updates for your computer as needed.

For more information on keeping your computer secure, visit http://www.microsoft.com/security and http://www.microsoft.com/malwareremove.