Security information for users of Windows XP/Vista
Five steps to Security for User-managed PCs (Windows XP, Vista)
1. Use passwords to control access to your PC
2. Install Windows Updates to guard against network worms
3. Install a virus checker and set it to scan your whole hard disk at least weekly
4. Use a personal firewall
5. Remove Spyware
1 Use passwords to control access to your PC
You need a password for your PC, to keep it safe from other people’s misuse.
To set your password, open the Control Panel and use the User Accounts
icon. Double-click to open it, then choose Change an Account; click on your
name, and choose Create a password from the list of tasks.
(Vista users ignore this paragraph) To set a password for the computer’s Administrator is
more difficult, because you don’t normally see it in Windows XP, it is only seen by IT
Administrators who are logging in to your computer from another computer in order to make
changes to yours. In order to see the Administrator, you have to start the computer in Safe
Mode. Re-start the PC, and press F8 as soon as it re-starts. When you are offered a choice,
choose Safe Mode. The display will be very chunky, but you will see that Administrator is
one of the people who can log on. Log on as Administrator, then proceed as above. When
you have finished, re-start the computer as normal. KEEP THE PASSWORD SOMEWHERE
2 Install Windows Updates to guard against network worms
A network worm is usually a standalone program that tries to copy itself to other computers
connected to the same Local Area Network so it can do damage or find information. Hackers
and criminals keep finding problems in Windows that can be exploited, so Microsoft needs to
keep updating it to close the holes. Updates (sometimes called patches) address these
issues when they are found and help protect your computer against known security threats
which have been discovered since Windows was released. Microsoft usually releases these
updates once a month, on the second Monday or Tuesday of the month. However, at times
of crisis they can release updates at other times, so you need to set your computer to look
for these daily. It is a good principle never to keep any updates waiting, always install them
immediately. You can continue to work while they are being installed. Don’t postpone the
installation because you are too busy; if all of your data is destroyed, you may never be busy
First, check to see if you have any updates waiting to be installed. Look at the extreme right
of your task bar, next to the clock. If any icons are hidden, you will see an arrow which you
can click to reveal unused icons
Click here to view
Updates waiting to be installed will appear here as a yellow shield.
If you see the yellow shield, click it and follow instructions to install the update. It will
minimise and allow you to keep working, though you may sometimes have to agree to an
End User License Agreement, and occasionally you may have to re-start the computer to
complete the installation. You can wait until your next break before re-starting, or just switch
off as normal when you go home and the re-installation will be completed when you switch
on in the morning.
If there are no updates waiting to be installed on your computer, you need to go to the
Windows Update site to see if there are any available there.
Windows XP users, click on the Start button, then Programs, and look at the top section for
the Windows Update icon.
Windows Update icon
Click the Windows Update icon to go to the Windows Update site. If you get the option to
upgrade to Microsoft Update, please do so – you’ll get MS Office updates as well.
Everything happens automatically, so click on Express Install when you see it. Just read the
instructions and follow them to get the critical and security updates your computer needs. If
there are a lot of updates, you may find that you can only install a few, and must connect
again when that has been done to get the rest.
Vista users get updates via the Control Panel in the Security Centre.
Both Vista and XP users need set up the computer to fetch its own updates
in future. Open the Control Panel then the Security Centre.
Towards the bottom of the dialog box, under the heading
Manage security settings for you should see the icon illustrated.
Opening Automatic Updates allows you to set a schedule for the updates. Because of the
occasional crisis, you are best to set this to Automatic, and do it Every day. Set the time for
some period when your computer will be turned on. It will not disrupt your work, indeed you
won’t be aware of it, although you may be asked to agree to a licence.
These are the
settings for your
3 Install a virus checker and set it to scan your whole hard disk at
Firewall and anti-virus software is freely available to all UCL staff and students, and our
licences allow for the software to be used on home computers too.
The recommended one is F-Secure, which you can download from
You are not obliged to have it, but UCL has already paid for it, it is reasonably user-friendly
and help is available on-line for setting it up. However, if you have any other anti-virus
product installed, YOU MUST REMOVE IT FIRST. (Use Control Panel, Add/Remove
Programs. Ensure you remove all the parts of any previous software. If you have a previous
version of F-Secure, you do not usually need to un-install that.)
If you click on F-Secure Anti-Virus Client Security with firewall, rootkit and spyware
removal (currently version 8.00) you will be taken to the download page.
These details may change slightly with time. Before you click the Download button, make a
note of the Keycode, as you will be asked for it during the installation.
Click the Download button and choose Save. If you save it to your Desktop, it will be easy to
find. When the download is complete, double-click the icon and follow the instructions – you
need to enter the keycode when asked, and should just be able to accept all the defaults by
clicking Next until the installation is complete.
Once you have installed the program, you will be asked to re-start the computer. You will
then need to be patient as it will attempt to do a large download from F-Secure to bring the
virus protection right up-to-date.
Set-up instructions are on the Web, on the extreme left at the very top of the page – scroll
right up and click on .
Setting up F-Secure Firewall
Follow this link to configure F-Secure so that it works in the best way to keep you safe. There
are plenty of screen dumps on these Web pages to guide you through the set-up.
You also need to make sure F-Secure is set for Web Scanning so that it scans web traffic for
viruses as you browse the web. Then a virus can be stopped before the data is forwarded
into your web browser.
Click on Virus & Spy Protection, then on Configure next to Real Time Scanning.
Make sure there is a tick in the box that says Scan web traffic and remove found viruses
There is something else you need to do. You need to set F-Secure to scan your whole
hard disk regularly for problems. The virus scanner is always active for programs you
open, but it may fail to notice network worms or rootkits, so you must do a full scan regularly
(either daily or weekly).
If F-Secure is now shut, open it again by double-clicking the blue triangle on the right of your
Click on Virus & Spy Protection, then on Configure next to Scheduled Scanning.
Remember to click
here to enable the
A weekly scan is probably sufficient. If you set it for a suitable start time; you can work while
it is scanning; setting it to scan during lunch means you will not be bothered by it. PLEASE
take care though to ensure that you check that scanning has taken place – see what the
latest report is. You can start a manual scan if you are worried, or if your last scan was over
a week ago.
F-Secure will automatically download virus definition updates to take care of any new virus.
Its icon, the blue triangle, found on the right of your taskbar, near your clock, will show you
warnings if it has any problems. You MUST keep an eye on it to make sure it is operating
correctly. Please look at the table illustrated on the next page, and be aware of the meaning
of any different appearance of the icon. Remember, this bit is YOUR responsibility.
To update the virus definitions manually (they update every hour, so if you’ve been away for
a few days, they quickly get out of date), you need to open F-Secure, and click the
Automatic Updates button. Then you can click on Check now.
Click here first. Then click here.
4 Use a Personal Firewall
A firewall is something that stops unwanted things coming from outside onto your PC and it also
stops things on your PC connecting to the Internet unless you want them to. If you followed the
instructions in Section 3 above, you installed a firewall along with the virus checker.
You may need to make some modifications to the F-Secure firewall if you share to another
computer or to a server. Notes about how to do this are on the UCL website. One the top left of the
web page http://www.ucl.ac.uk/fsecure/ you will see the heading INFORMATION ABOUT and
under it, Setting up F-Secure Firewall. Follow the link for good clear instructions.
Periodically, F-Secure will open a dialog box to let you know something is happening. You may see
something like this:
This is where you have to use your common sense. The new connection attempt warning above
was caused when I tried to open Firefox for the first time, and it tried to connect to the Internet
through my firewall. Because I opened it myself, I clicked the box Do not show this dialogue for
this program again, then I clicked Allow. If you open a program you want to use, and the Firewall
warns you that the program is connecting to the Internet, THINK before you click. Internet Explorer,
Firefox, Eudora, Outlook, Citrix (for WTS) Windows or MS Office Help are all examples of things
that need to connect to the Internet, so you need to let them through the Firewall. Similarly,
programs that update themselves such as Acrobat or RealPlayer need to be allowed through.
A good rule to observe is ‘If in doubt, DENY’. If you don’t know what it is, don’t let it connect and
see if anything stops working. Another good tip is to type into Google the name of the program
trying to connect and see what it finds – you will often get a good idea of what something is.
After you have finished setting up F-Secure, you can delete the installer you downloaded.
Page 7 http://www.ucl.ac.uk/is/security/
Sections 3 and 4 have been all about F-Secure. If you are using something else, you can ignore
them. However, here are some warnings.
You may prefer to use a different product. There is no problem with using something else, if you
bear the following points in mind.
1. McAfee and Norton are not free, so you need to pay. They update their virus definitions
every day, so if you let them become out of date, you will very quickly leave your computer
at risk. (F-Secure updates virus definitions every hour)
2. F-Secure provides virus checking, a firewall, and spyware/adware protection. YOU NEED
ALL THREE. If the product you choose doesn’t have all three, you need to add the missing
bits. For instance, Sophos Version 7.6.4 (current) has spyware and adware detection and
removal tools but NO built-in firewall. It provides the firewall as an extra, so download that
separately. You do need a firewall. For further information, consult
3. If you have broadband at home, you probably already have a hardware firewall in your
broadband router. However, this should not conflict with F-Secure’s one. Home use of F-
Secure is covered by the UCL license, as is Sophos. You could also consider AVG, a free
anti-virus product provided by Grisoft - http://free.grisoft.com/
5 Remove Spyware
Spyware is software that covertly gathers user information through your Internet connection
without your knowledge, usually for advertising purposes. Spyware programs are frequently
bundled as a hidden component of freeware or shareware programs that can be downloaded from
Spyware is similar to a Trojan horse in that users unwittingly install the product when they install
something else. A common way to become a victim of spyware is to download certain peer-to-peer
file swapping products that are available today. Once installed, the spyware monitors user activity
on the Internet and transmits that information in the background to someone else. Such programs
can monitor keystrokes, scan files on the hard drive, snoop other applications, such as chat
programs or word processors, install other spyware programs, read cookies, change the default
home page on the Web browser, relaying this information back to the spyware author who will
either use it for advertising/marketing purposes or sell the information to another party. Spyware
can gather information about e-mail addresses and even passwords and credit card numbers.
Licensing agreements that accompany software downloads sometimes warn the user that a
spyware program will be installed along with the requested software, but thee agreement may not
always be read completely because it is often couched in obtuse, hard-to-read legal disclaimers.
Aside from the questions of ethics and privacy, spyware steals from you by using your computer’s
memory resources and also by eating up bandwidth as it sends information back to the spyware's
home base via your Internet connection. Because spyware is using memory and system
resources, the applications running in the background can lead to system crashes or general
If you are using F-Secure, you are protected already. The current version of F-Secure for
workstations has spyware and adware detection and removal tools. Installing additional anti-
spyware programs may prevent F-Secure from working properly or slow the entire system down.
Sophos also has spyware protection.
If you don’t have any Spyware protection, you definitely need it. Microsoft produces an excellent
free one, called Windows Defender. (not available for Windows 2000) It will scan your hard disk,
find any Spyware, describe the risks associated with anything it finds and advise you what to do
about it. It will also continue to monitor your computer to see if anything is being downloaded
Page 8 http://www.ucl.ac.uk/is/security/
without your knowledge. Windows XP users should download it from www.microsoft.com, and is, at
the time of writing still free. Windows Vista users will find they have it installed already.
Alternative well known products for Windows XP users are Ad-Aware and Spybot. (Type either of
these into Google, and you’ll be offered various download sites.) These are both good, but the free
versions of these programs do not monitor your computer, so if you decide to use one of these,
you must scan your disk regularly for spyware – preferably every day.
The latest version of Internet Explorer - 7- incorporates pop-up blocking, as well as a Search box
which you can direct at Google when you set up the software for the first time. The software does
not distinguish between pop-ups you want and pop-ups you don’t want, so you may see that a
pop-up has been blocked when you click on a link. You will then have to allow pop-ups on that site.
You can also use the Google Toolbar as well if you want, which also blocks pop-ups. You can get it
Provided you turn on the Phishing filter, Internet Explorer 7 will also warn you if you find yourself on
a ‘phishing’ site - a bogus web site where you are asked to update personal information, such as
passwords and credit card, social security, and bank account numbers, that a legitimate
organization already has.
You PC has been set up safely, but there are other things you need to do.
1. You need to keep the PC clean by clearing your temporary files and temporary Internet
2. You need to backup your data
3. You need to consider if some or all of your data needs to be encrypted.
These topics will be explored in a further session.
Page 9 http://www.ucl.ac.uk/is/security/