Editor's Note
Health & Computers
IT Sector
Long Reach Ethernet
MS&PHD Registrations
News from METUCC
Seminar Registrations
Windows Update
".tr" Extension
Fun Stuff
CISN Archive
Questionnaire
Send Feedback


Computing & Information Services Newsletter
How to Update the System Files and Software of Windows Operating Systems
     
 

We would like to state the fact here once again that the time that will take you to remedy your system security vulnerabilities is far less than the total time that will take you to remedy these vulnerabilities. For this very reason, a little time span you spend will suffice to remedy most of your system vulnerabilities.

As time passes after the release of Windows 95/98/NT/2000/XP operating systems on the market, some security vulnerabilities on these systems show up or newer versions of products such as Internet Explorer, Windows Media Player, and Microsoft Office are introduced. The announcements about the versions of the products and about the security updates are made on the web sites of Microsoft.

It is not always possible for a Windows user to follow the update announcements regularly on MS web pages; thus some of the updates that the users miss, may cost them to run the risk of serious security threats to their operating systems.

Especially, risks may follow the standard Windows installations (i.e. installations from a CD), and this may bring about threats to our system security that may, at some instances, create an immense congestion on our network traffic.

This document will provide the reader with some tips to follow the recent updates released.

1-WINDOWSUPDATE and OFFICEUPDATE

Whatever the version they have, every Windows operating system user should visit the
   http://windowsupdate.microsoft.com
site frequently and regularly to download principally the essential "Critical Update Pack" which is available at "Product Updates" link. This pack contains all the "crucial" security updates that should have been installed since the Windows version is released. The updates other than the "Critical Update Pack" contain the newer versions of some of the programs available rather than assuming the task of remedying the vulnerabilities of the system. Our experiences with some of the newer versions of Microsoft software such as Microsoft Internet Explorer, Media Player etc. showed that their performance is better and they have less security vulnerabilities. Once the critical update pack is installed, secondary updates can be run optionally. As to repeat ourselves, we recommend you once more to run "windowsupdate" frequently at minimum once a week (at maximum once a month), unless there is an exceptional case or an important announcement, to be able to ensure the safety and security of your operating system through the updates.

In a similar way, Microsoft Office users may update their Office programs by selecting the "download" link on the address below;
   http://officeupdate.microsoft.com

2-MPSA (MICROSOFT PERSONAL SECURITY ADVISOR)

On the address below, Microsoft has provided an application, namely Microsoft Personal Security Advisor, to detect the software that are not updated on the computers with Windows NT/2000 operating systems and to detect the vulnerabilities on your systems by scanning them over the network:
   http://www.microsoft.com/security/mpsa

The "scan now" button on this page allows you to spot the system vulnerabilities of your operating system and to remedy these vulnerabilities by following the directions.

These processes may take time. However, the hazards that may affect the well functioning of our systems seriously require us to take precautions against the risks. This application can only run on Windows NT/2000 operating systems.

3-HFNETCHK and HOTFIX REPORTER

"Hfnetchk" involves software which checks the nonavailable updates (written by Microsoft) on Windows NT/2000/XP operating systems installed on your computer. You can reach to this software from the following address,
   ftp://ftp.metu.edu.tr/popular/security/update-tools/nshc32.exe

To install the program, create a directory named as C:\Program Files\hfnetchk (in fact, you can name the file as you would like and create it wherever you want, during the installation of "hotfixreporter", the directory that you have installed "hfnetcheck" to will be prompted). After you run the program, specify the location where you will install the program to via Browse button. Setup will be completed then.

This program runs in the DOS environment, therefore it is difficult to use it alone. For this reason, you should use "Hotfixreporter.exe", which is a freeware program that converts the output of "hfnetchk.exe" file to html format to make it easily readable. You can download this file from;
   ftp://ftp.metu.edu.tr/popular/security/update-tools/HR-32.exe

Run the hfnetchk file that you have downloaded from the address given above. When the program asks you where you would like to copy the files to, browse for the location and click OK. Now, after clicking on "Hotfix Reporter" (under Windows Start menu/Programs), MS DOS mode will be started, the program will be executed and it will then provide you with information about the vulnerabilities of your system via using Internet Explorer or Netscape.

The information available on this page can give you an idea about which files are missing and which files should be updated. The links on this page will guide you to the files you need.

"Hfnetchk" program runs only on Windows NT/2000/XP operating systems.

Have you enjoyed reading this article?

 
     
  - TOP -  
2001 METU CC
Design: CC - INFO