Keeping Windows Updated
Listed below are the most important tasks that are covered in this section:
- Identify common security vulnerabilities by using the Microsoft Baseline Security Analyzer.
- Keep the Windows operating system current and updated with current patches and service packs.
- Keep Windows applications current.
You may recall from the workshop Windows: Basic Computing Skills that an operating system, such as the Windows Vista operating system, must be present on a system before any application software can run. It is important that you use modern and up-to-date operating systems. Vendors will drop support for older versions and, therefore, security updates may not be available for those older versions. Also, as newer updates become available, additional security features are added to enhance the operating system. You should be using a secure operating system such as Windows 7, Windows Vista, Windows XP or Windows 2000. Older versions of the Windows operating system are not secure operating systems when connected to the Internet.
It may be difficult to keep up with all of the security fixes and updates for Windows, even with the assistance of Windows Update. Microsoft Baseline Security Analyzer (MBSA) is a tool that checks the latest list of fixes and compares it with the ones that have been installed on one or more computers. In addition, MBSA checks for common security vulnerabilities, such as weak passwords and insecure configuration.
To install and run the MBSA to check for the latest updates and security vulnerabilities, you must be logged in as an administrator or as a member of the local Administrator’s group. The MBSA is a free download and can be downloaded from the following sites:
Follow the instructions for downloading the MBSA program to your local computer. After scanning your computer running the MBSA, you will see some Security Update Scan results with links that provide more detailed information.
Note: First check with your LSP before running the MBSA.
Click the screenshot below to see a simulation for running the MBSA.
Windows helps keep your software updated with the newest and best code for device drivers, security, reliability, and performance. Windows Update is a free online service that you can use to download free updates to Microsoft software. Windows Update will scan your computer and list the code updates needed on your system. Then you will have the option whether to choose and install them.
In order to detect needed updates or to download and install updates, you must run Windows Update as a user with administrative privileges and be running a version of Microsoft Internet Explorer 5 or higher. If your computer is connected to a network, network policy settings must allow you to complete this procedure.
Note: First check with your LSP before running Windows Update.
Click the screenshot below to see the simulation for getting available updates.
Certain Microsoft updates, service packs, and hot fixes are made available to IU students, faculty, and staff online at:
Automatically Enabling Updates
Windows updates are published when the need arises, such as when a patch is developed for a newly discovered security vulnerability. You can regularly check Windows Update to see what’s new, but there’s an easier way. You can use the Automatic Updates feature. When you enable Automatic Updates, you don’t have to search for updates online or worry that critical fixes might be missing. If "automatic" is enabled, critical updates are installed regardless of what type of account the user is logged in with at the time. Your computer may have to be shut down and restarted to complete an update installation.
If you prefer to download and install updates yourself, you can also set up Automatic Updates to notify you whenever any high priority updates become available. To get updates in this manner, you will have to be logged in as Administrator or as a member of the Administrators group.
Automatic Updates retrieves only high priority or critical updates. To view, download, and install other Windows updates and driver updates, you will need to visit the Windows Update site.
Click the screenshot below to see the simulation on verifying that Automatic Updates is enabled.
For more information on Microsoft Windows Update, go to
NOTE: To use the web version of Windows Update, you must be using Internet Explorer.
In addition to keeping the Windows operating system updated, EVERY application on the computer should be kept up to date. Other applications such as RealPlayer or Adobe software should also be kept updated.
Using your Internet connection, you can check for and install Microsoft Office updates using the following methods:
- In any Microsoft Office application, go to the Help menu, select Check for Updates.
- In a Web browser, go to the link at: http://office.microsoft.com/productupdates/
- Microsoft Office updates are also available on CD by clicking on the link “Order service pack CDs.”
Using Security Alert Services
Fortunately, you can rely on several services to keep you informed on taking steps to secure your computer. Several reliable services offer subscriptions (usually free) to security alerts by email. Some send a message only when a security issue is discovered or when a patch is available, whereas others publish on a regular weekly or monthly schedule.
Also, many Web sites are devoted to issues of computer security. It is a good idea to visit a few of these sites periodically to read about the latest security vulnerabilities. For a list of popular security email alerts and Web sites, click on the link for Online Resources.