Saturday, 3 May 2014

Fix Internet Explorer security, even for XP - & a trap to watch out for

You should have heard there's a security hole  in Internet Explorer versions 6 to 11 (ie most modern versions), a fatal flaw which could let attackers plant malware on your PC. This zero day vulnerability, announced by Microsoft a few days ago, was considered serious enough that the US and UK authorities issued warnings about it, as did the EU security agency ENISA.

To their credit, Microsoft in short order released a fix for this critical issue - even for browsers running on Windows XP, for which support has now ended generally (so if you're still on XP, for the sake of your security you should move off it ASAP).

How to update your Internet Explorer for the fix? Use Windows Update. For many people you'll be prompted to type 'Windows Update' in your Start menu search box.

There is one trap you have to watch if you have your Windows Update settings set to 'Check for updates but let me choose whether to download and install them'. (I use that setting because Windows updates have been known to stop computers from starting up altogether! So, for non-critical updates, I usually wait a few days and search to see if there have been cries of despair online about failure or inability to boot after the new update, before I apply the update to my own computers.)

If you have that setting for Windows Update, after you check for updates you MUST click on '1 important update is available'  (or '2 important updates'. or whatever it says):


When you do that, you'll see the list of important updates. Now here's the important bit: on my Windows 7 and Windows 8 computers, often items in the list of important updates are NOT ticked by default. You have to manually tick them. This is what happened to me in the case of the critical Internet Explorer update on Windows 8.1. The option was not ticked!


So you must tick all the important updates, especially that one. Then you can go ahead and click all the 'Install' / 'OK' buttons, and restart your computer when prompted.

I've noticed this happen many times with Windows 7 and Windows 8 Windows updates. Also, important updates like Microsoft Security Essentials or Windows Defender are often listed under 'Optional' updates rather than 'Important' updates, so you must go and check your Optional updates too, which is not good. I hope Microsoft fixes it so that security updates, especially critical ones, are all TICKED by default without users having to check, and that security updates are all under the 'Important' rather than 'Optional' section.

No comments: