|
Installing Microsoft Software
|
|
!!!ATTENTION!!!
The Problem:
Microsoft distributes its software as a 'release package,' current as of a
specific date and/or version number, and a set of security patches, which
update the installed software.
Installing the software in an unprotected fashion -- doing so without
being behind a firewall -- and/or running the software without first
making certain that all patches for that product have been successfully
applied -- will lead to the infection of your computer by any one of a
number of viruses or worms.
This infection can result in the network connection to your machine, or to
all of the machines connected to the same wall port, being disabled by
C&C. Connectivity can only be restored once the affected computer(s) are
verified virus-free.
The following is a list of Microsoft products which are distributed in
this manner. It is not meant to be a comprehensive list, but these are the
most vulnerable products:
-
Microsoft Windows Operating Systems (ALL VERSIONS)
-
Microsoft SQL SERVER
-
Microsoft Internet Explorer
-
Microsoft Internet Information Server
-
Microsoft FTP Server
-
Microsoft SMTP Server
-
Most any other Microsoft Server Software
The Solution:
There are a number of steps you can take to safely install these products.
- CSE Support has a number of NetGear firewall routers on
loan. Check one out here, and place it on the network between the wall port
and your computer. The firewall allows you to install software, and to
download and install patches without being compromised. If you are
setting up a machine from scratch, or reinstalling the Windows
operating system, this step is strongly recommended.
- Before you install a piece of software, try to find out if patches
exist for the software, and download and burn them to CD-R or store
on the computer if possible. Remove the computer's network connection while you install the software, then install the patches before reconnecting to the network.
- Point your browser to windowsupdate.microsoft.com and
make certain your machine is up to date with all critical updates.
Installing software may well change the set of critical updates to
be applied to your machine.
- Make sure that the 'Windows Firewall' is
enabled. This will protect your machine, by disallowing
incoming network traffic on all but specific ports.
Related information:
|
 |
Computer Science & Engineering
University of Washington
Box 352350
Seattle, WA 98195-2350
(206) 543-0377 voice, (206) 543-2969 FAX
[comments to tandersn]
|