You have likely heard about the Blaster worm which exploits a vulnerability that was addressed with Security Bulletin MS03-026 on July 16th. You may be getting inquiries from family and friends on what they can do to protect themselves from this worm on their home machines.
I wanted to give you concise, clear instructions that you can forward along that can help them now and in the future.
Windows XP users (as all of your friends and family should be) have the ability to protect themselves immediately from this kind of threat without purchasing additional software or firewall hardware. I personally use the built-in features in Windows XP to protect myself, my mother, etc. and I have since Windows XP was shipped. I have never been impacted by any of these kinds of worm exploits -- even though I know hackers try to attack my home machines all the time. I tell you how I do it below.
Protecting our customers is our primary goal and we are looking to enlist your help to get the word out. If you get further questions or comments from your friends and family, please feel free to share them with me.
jim
PS. For more information about this particular "Blaster worm", you can point your friends and family to www.microsoft.com/security where they can get more information is available.
_________________________________________________________________________
Here is what to do to get protected and stay protected.
1. First, turn on the Internet Connection Firewall in Windows XP. Having the firewall activated will protect your computer from this security issue as well as many many others. Even if your computer has already been infected, activating firewall software will help limit the effects of the worm on your computer.
The fine print: If you have multiple machines, you should use the Home network configuration wizard. In the multiple machine case only the Internet facing computer (the computer attached to the Internet directly and not the other computers in the home that sharing the Internet connection) should have the firewall enabled via the instructions below. Please note that the firewall can disable some internet software, services and features. However, if this happens you can selectively correct these issues by adjusting how the firewall works. For the vast majority of users this change will be totally transparent. Your email and browsing experience for example should not be impacted in any way. In some cases you may have to "open a port" for a feature to work. I don't describe how to alter those secondary settings here. If you run servers in your house, etc., then you are technical enough that this message isn't intented for you. If you experience any changes to your internet software, services or features, please call 1-866-PCSAFETY if you can't figure it out or check our web site for more information.
The instructions:
1. Open Network Connections (Click Start, click Control Panel, and then double–click Network Connections.)
2. Click to select the Dial–up, LAN or High–Speed Internet connection that you want to protect.
3. In the task pane on the left, under Network Tasks, click Change settings of this connection.
(Or, within the Network Connections folder, right-click on the connection that you want to protect and then click Properties.)
4. On the Advanced tab, under Internet Connection Firewall, select the Protect my computer and network by limiting or preventing access to this computer from the Internet check box.
If you are not running Windows XP, you will need to install a third-party firewall. Most firewall software for home users is available in free or trial versions. Check the following resources for more information on personal firewalls:
2. Second, configure AutoUpdate for Windows Update for Windows XP. While your computer is connected to the Internet, the Automatic Updates feature in Windows XP looks for updates and downloads any that are available. By using the scheduled downloads feature, you will automate the essential second step of actually installing the updates once they are downloaded (and not see those pop-up balloon reminders).
1. Open System Properties (Click Start, click Control Panel, click Performance and Maintenance, click the System icon to open the System Properties dialogue box. (If the Performance and Maintenance category is not visible, click Switch to Category View under Control Panel on the left side of the Control Panel window)
2. Click the Automatic Updates tab. If the check box next to Keep my computer up to date is clear, click it to select it.
3. Schedule Regular Installs. On the Automatic Updates tab, under Settings, click Automatically download the updates, and install them on the schedule that I specify. From the lists provided, select a day and time for your computer to install downloaded updates. Be sure to pick a day and time when your computer is usually turned on.
4. Click OK to apply your changes and close the dialog box.
If you are not running Windows XP, you can still use Windows Update. More information on downloading updates can be found at www.microsoft.com/security
