Note:  Microsoft is no longer providing support for Windows XP. Please ensure a plan to upgrade your system(s) that have been identified.

Antivirus-Malware-Spyware Protection 

There are several applications freely available to end-users to download and install on their systems.

Available from the University Bevoware Site (EID required):  https://its.utexas.edu/bevoware/download/

Immunet Free Antivirus (highly recommended by the ISO for non-UT systems)

http://www.immunet.com

MalwareBytes Free Edition

http://www.malwarebytes.org/products/malwarebytes_free/

Applying Security Updates in Windows 

Windows 7 Users

  1. Click on Start, navigate to Control Panel
  2. If you are viewing the Control Panel by Category
    1. Click on the System and Security link Windows Update
  3. If you use the Large icons or Small icons view, just choose Windows Update
  4. Click the Change settings link on the left

To fully enable automatic updates:

  1. Choose Install updates automatically (recommended) from the drop-down box under Important updates. Select Every day and then a time that your computer is typically on but not in use.
    1. You may also select a specific day of the week for updates to occur
    2. Note: Microsoft releases critical updates every Tuesday of the month

To enable Windows Updates to Check & Download (But Don't Install)

  1. Choose Download updates but let me choose whether to install them
    1. Windows Update will check for updates, and download any available, but nothing will be installed until you authorize permission to do so.

Note: This is a good option to choose if you want more control over what updates are installed, but network performance may decrease if any of the updates are of substantial size.

To enable Windows Updates to Check for updates, (Don't Download or Install)

  1. Choose Check for updates but let me choose whether to download and install them to prevent Windows Update from both downloading and installing updates automatically. Windows Update will still check for available updates but it won't do anything about them.

This is a good option if, for the most part, you're not planning on installing most updates. You're still kept informed of new security and other patches but you retain complete control over downloads and installs.

Windows XP Users

  1. Click Start, Settings, and Control Panel
  2. Open System
  3. Click the Automatic Updates tab.
  4. Check the option for Keep my computer up to date
  5. Select one of the three settings (outlined in the Windows 7 guidelines above) on how you wish to be notified for updates.
  6. Click Apply and Ok.

Configure Event Log Settings 

By default, Windows systems "should" be enabled for logging.  To enable logging:

For Windows OS:

  1. Click Start
  2. Click Control Panel
  3. Click Administrative Tools
  4. Click Event Viewer

Note:  For advanced or Windows 8 users, you can simply do a search for eventvwr and select the application.

In the left column, expand the Windows Logs folder.  The application, security, and system logs should now be visible.  To configure settings for each log file:

  1. Click on Application
  2. On the menu bar, click on Action, followed by Properties
  3. On the Log Properties view, verify that Enable Logging is checked
  4. Input 50000 KB as the maximum log size
  5. Under the When maximum event log size is reached, select Overwrite events as needed (oldest events first)
  6. Press OK
  7. Repeat the same steps for the security and system logs

Note: For the security log, input 100000 KB as the maximum log size.

 

Enable Windows Firewall 

For Windows OS, verify firewall settings:

  1. Click Start
  2. Click Control Panel
  3. Click System and Security
  4. Click Windows Firewall
  5. In the left pane, click Turn Windows Firewall on or off

Note: If you're prompted for an administrator password or confirmation, type the password or provide confirmation.  Windows 8 users, you can simply do a search for control panel and proceed with the remaining steps.

  1. Click Turn on Windows Firewall under each network location that you want to help protect, and then click OK

Operate with a standard Windows account 


Running as an administrator?  Administrative accounts are granted the ability to virtually perform anything on the computer. Everyone computer has an administrative account, and many users have the tendency to operating their computer in an administrative mode.

With an administrative account, malware/viruses have an easier time:

  • Hiding itself in the system to install rootkits, backdoors, keyloggers.
  • Creating new administrative accounts
  • Accessing and running privileges services
  • Using an infected system to attack other vulnerable computers on the network

If your current account is now an administrative account, you can downgrade this account with only “user” privileges, while also creating a new account for administrative purposes.

Create a new Administrative Account

Windows 7

  1. Click on Start, then navigate to the Control Panel
  2. Select User Accounts and Family Safety, then User Accounts

Note: If you are currently in Small/Large icon view, proceed to click on User AccountsWindows 8 users, you can simply do a search for control panel and proceed with the remaining steps.

  1. Select Manage another account
  2. Select Create a new account
  3. Enter an account name, selectAdministrator, click Create Account

Assign a password to the new administrative account

  1. Click on the new account, selectCreate a password
  2. Enter a strong password and clickCreate Password when done

Demote the original user account to a standard user

  1. Select Manage another account
  2. Click on your original account from the accounts list (not the one recently created)
  3. Select Change the account type
  4. Select Standard User and click Change Account Type
  5. Close the Control Panel and then log off and back on the system with your primary/standard user account.

Windows XP

Create a new administrative user account

  1. Click on Start, navigate to the Control Panel, click on User Accounts
  2. Select Create a new account
  3. Enter an account name and clickNext
  4. Select Computer Administrator and click Create Account

Assign a password to the new administrative account

  1. Click on the new account, selectCreate a password
  2. Select Create a password
  3. Enter a strong password and clickCreate Password

Demote the original user account to a standard user

  1. Select Change another account in the left pane
  2. Click on your original account from the accounts list (not the one recently created)
  3. Select Change the account type
  4. Select Limited and clickChange Account Type
  5. Close the Control Panel and then log off and back on the system with your primary/standard user account.

Password Complexity 


Secure unattended computers 

For Windows 7

  1. Click Start
  2. Select Control Panel
  3. Select Appearance and Personalization
  4. Select Personalization
  5. Click Screen Saver, Set the number of minutes in the Wait box for a recommended 15 minutes
  6. Check On resume, display logon screen

Note:  Windows 8 users, you can simply do a search for control panel and proceed with the remaining steps.

  • No labels

Confluence Documentation | Web Privacy Policy | Web Accessibility