Windows XP for Starters: The Missing Manual: Exactly What You Need to Get Started

11.6. Automatic Updates

It might come as a surprise to you that most Internet attacks don't occur when online lowlifes discover a hole in Windows ' security. As it turns out, they're not quite that smart.

Instead, what usually happens is that Microsoft discovers the soft spot. (Actually, some super-brainiac researcher usually finds the hole, and then notifies Microsoft.) Microsoft then puts together a security patch, which it releases to its millions of customers to protect them.

The hackers and virus writers learn about the security hole by studying the patch . They leap on the information and create some piece of evilware in a matter of daysyes, after Microsoft has already written software that closes the hole.

So how can PCs get infected after Microsoft has already created a patch? Because it takes weeks or months for Microsoft's patch to get distributed to all those millions of customers. The hackers simply beat Microsoft to your PC's front door.

The painful part is that Windows XP already contains a mechanism for downloading and installing Microsoft's patches the very day they become available. It's called Automatic Updates, and it's yet another icon in your Control Panel (Figure 11-7).

Now, any patches or updates that Microsoft wants to send your way are also available for do-it-yourself download and installation at windowsupdate.microsoft.com (or choose Start All Programs Windows Update; if youre already surfing in Internet Explorer, you can also choose Tools Windows Update). As a bonus, this site also reports exactly which bugs are fixed in each update, usually using fairly technical language.

Furthermore, whereas Automatic Update offers you only security- related patches, the Windows Update Web page also offers updates that speed up your PC, offers new features, updates Windows Media Player, and so on.

Figure 11-7. If you turn on Windows XP's Automatic Updates installation featureand Microsoft is practically frantic that you do soyou can ask to be notified either before the software patch is downloaded (third choice) or after it's been downloaded and is ready to install (second choice). You can also permit the updates to be updated and then installed automatically, on a schedule that you specify (top choice).

But a patch won't do you any good if you don't know that it exists. So Automatic Update presents four options, as you can see in Figure 11-7. They correspond to four levels of trust people have in Microsoft, the mother ship:

  • Automatic (recommended) . Translation: "Download and install all patches automatically. We trust in thee, Microsoft, that thou knowest what thou doest." (All of this will take place in the middle of the nightor according to whatever schedule you establish in the control panelso as not to inconvenience you.)

  • Download updates for me, but let me choose when to install them . The downloading takes place in the background, and doesn't interfere with anything you're downloading for yourself. But instead of installing the newly downloaded patch, Windows pauses to get your permission, as shown in Figure 11-8.

    This option gives you the chance to conduct a quick search on Google to see if anyone has had trouble with this particular patch. If the coast is clear, then you can opt to install.

  • Notify me but don't automatically download or install them . When Windows detects that a patch has become available, that yellow ! shield icon appears in your system tray. Click the icon to choose which updates to download.

    When the downloading is over, the yellow ! shield appears again in your system tray, this time telling you that the updates are ready for installation. From this point on, the cycle goes exactly as shown in Figure 11-8.

    Tip: Consider this setting if you're a laptopper. People who use the fully automated option have been known to grab their laptops and head to the airport, only to discover that they're midway through a 25-minute Service Pack installation. Leaving your laptop on as you pass it through the X-ray machine is never a good way to make friends with the security staff.

  • Turn off Automatic Updates . Microsoft will leave your copy of Windows completely aloneand completely vulnerable to attacks from the Internet. This choice is preferred by people who like to fully research each patch before installing it (at, for example, www.annoyances.org).

Figure 11-8. Top: When Windows finds an update, a notification balloon lets you know, complete with a yellow ! shield icon.

Middle: Click the balloon to get another choice. You can blindly install whatever Microsoft sent you (click Express Install and then Install). Or you can click Custom Install (Advanced), which really means "Show me a description of what I'm about to install."

Bottom: In that case, this screen lists the patches Microsoft has sent you. It also offers you a link to a Web page containing really specific techno-jargon about the patch.

Microsoft hates when people choose anything but the first option, because it's no better than the old system (when hackers attacked after a hole was patched but before people had installed the patch).

And now a few notes:

  • You don't get any notifications unless you're using an administrator-level account (Section 12.2.1).

  • Some updates require that you restart your PC. (Actually, you can decline Windows' invitation to restart your machine, but, of course, the update won't take effect until you do.)

  • If Windows XP reveals that an update is ready to be installed, but you choose not to install it, Windows makes the updater invisible on your hard drive (if it has space). If, later in life, you decide that you really would like to have that particular update, just click the "Offer updates again that I've previously hidden" link at the bottom of the Automatic Update tab. Then, the next time you install an update, those choices become available once again.

Tip: You can find a record of the updates you've installed (and even uninstall them, if you want) in the Start Control Panel Add or Remove Programs program.Turn on the "Show updates checkbox at the top of the dialog box to reveal the "Windows XPSoftware Updates" category, which lists the individual patches and fixes you've installed.

Related

Категории