1. Stay informed
Visit http://www.microsoft.com/security/ on a regular basis to check for the latest in the ongoing battle between Microsoft and those who would hijack your browser, or take over your computer.
Sign up with the Microsoft Security Update e-mail alert
http://www.microsoft.com/security/security_bulletins/alerts2.asp
Visit the Internet Explorer community regularly:
http://www.microsoft.com/windows/ie/community/default.mspx
2. Keep your computer up to date
Get a FREE copy of the Microsoft Security Update CD - use it, then give it to your friends and tell them to use it, and ask them to pass it on.
http://www.microsoft.com/security/protect/cd/order.asp
Use Windows Update - download and install all critical patches relevant to your computer.
3. Use a firewall
Windows XP has a firewall - turn it on!
If you don't have XP there is a free firewall available at http://www.zonelabs.com/store/content/catalog/products/sku_list_za.jsp?lid=pdb_za1
4. Use an antivirus programme and keep it up to date
There is a free one available from http://www.grisoft.com/us/us_dwnl_free.php
5. Internet Explorer
Install the latest updates for IE (the latest critical update for IE is MS04-038, KB Q834707)
http://www.microsoft.com/technet/security/bulletin/ms04-038.mspx
If you are running IE6 SP1 (version 6.00.2800.1106) you should also review this link which is directly related to MS04-038:
http://support.microsoft.com/?kbid=873377
Update to the latest version of Internet Explorer available for your operating system.
Disable install on demand (Internet Explorer and other) via Tools, Internet Options, Advanced.
Make sure that your Java VM is up to date. You will find information about how/where to get Java and how to update from this link.
You may like to use Mike Burgess' hosts file, available at http://www.mvps.org/winhelp2002/hosts.htm.
Do NOT give permission to a website to install or run anything on your computer unless YOU initiated the download. The prompt may look like either of these examples (the 2nd is from a new version of Internet Explorer):
6. Outlook Express
DO NOT OPEN ATTACHMENTS!!!
If you REALLY REALLY REALLY want to open an attachment, reply to the email and ask 'Did you send me this?' DO NOT OPEN THE ATTACHMENT UNTIL YOU GET A REPLY.
Set OE to view all messages as plain text.
Make sure OE is set to 'restricted zone' (more info here)
Don't open spam. Delete it without opening.
Watch out for phishing (more info here)
STOP PRESS ... STOP PRESS ... STOP PRESS ...
Windows XP SP2 includes many improvements including:
a pop up manager (picture here)
add on management and crash detection ("..Users will be able to view, enable, and disable the add-ons used by Internet Explorer, and identify add-ons that might be related to Internet Explorer crashes...") (picture here)
greatly improved firewall (on by default...boot time security...global configuration [all network connections use same setting]...stateful filtering...)
the ability to block all downloads from a particular publisher ("...This feature allows the user to block all signed content from a given publisher without showing the Authenticode dialog box to the user while doing so. This stops code from the blocked publisher to be installed. This feature also blocks installation of code with invalid signatures...") Instead of just having only an 'always install' option, you will also have a 'never install' (picture here)
One prompt per control per page ("....It mitigates [stops] the social engineering trick of prompting the user a number of times for the same control. Even though users repeatedly refuse, they cannot get out of the loop, and they might eventually accept the installation out of frustration....") (picture here)
some pretty cool improvements to OE that the spammers are gonna hate (see this page for details).
automatic downloads (such as that used by Majorgeek and other software distribution sites) are disabled by default (to enable, go to IE Tools, Internet Options, Security, click the Custom Level button and turn on the option to 'allow automatic prompting for file and code downloads').
a "Security Centre", which is a central repository for information about firewall, antivirus, Windows Update and system settings (picture here)
When XP SP2 is released to the public, I strongly recommend that you download and install it. It will go a long way towards making your computer more secure, and protecting you from the seedier side of the internet. Developers and those who own web sites may like to review the following document:
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx
VERY IMPORTANT WARNING
The XP firewall cannot be considered to be equivalent to products such as ZoneAlarm and Kerio. If your computer is infected, the XP firewall may NOT stop your computer from sending data OUT. Until things improve I must suggest that a third party firewall be used.