ICS Support - Accounting and Business ERP Software Consultant Seattle Washington
IT Computer Network System Management and Technical Support Services in Seattle Washington

Your Computer Network Solution
Should You or Shouldn't You Install Microsoft Updates?

Microsoft recently released an out-of-band security update to repair a potential vulnerability in Internet Explorer. Generally, Microsoft releases scheduled updates the first Tuesday of every month; however, when a significant security flaw or vulnerability is discovered, they occasionally release it the very next Tuesday.

We received notice of such an update on Monday evening. All of this was not a reason for significant concern... that is until the next morning. On Tuesday morning we received a couple of e-mails from clients forwarding e-mails they received directly from Microsoft about the update, and links to the patch. Upon closer inspection, we noticed that the web links that were included in the emails were directing the reader to www.microsoftemail.com. Notice this is not Microsoft.com, but microsoftemail.com.

After further research, we were able to determine that microsoftemail.com does indeed belong to the Microsoft Corporation. It does, however, raise the question about the potential for a phishing scam. It is not uncommon for unscrupulous scammers to pretend to be a legitimate entity and get you to divulge sensitive information. Furthermore, those same scammers may attempt to lure you to websites that contain harmful code that can infect computers; especially if they are not adequately protected.

This incident gives us the opportunity to review proper practices for handling updates.

1. Updates are important. Keeping your computer up-to-date with patches and updates is the single most important step you can take to prevent viruses and malware from infecting your computers and networks. Keep in mind, the vast majority of viruses take advantage of known vulnerabilities.

Screenshot
click to enlarge

2. Be careful of e-mail links to websites. Just because it says www.microsoft.com on the e-mail, don't assume that the link actually goes there. Often you can hover your mouse about the link to see the actual site. If it is not EXACTLY what you expect, don't click. Better yet, open a browser session and manually type in the address yourself.

3. Take the initiative. If you hear about a security update, you can go to Windows Update or Microsoft Update directly from your computer and download the appropriate patches.

4. Talk to the horse directly! Go to www.microsoft.com/security and you can see what Microsoft has on any security alert. If there is something urgent, they will have it right on the front page.

5. Ask before you click. If you receive an unsolicited e-mail concerning updates and you have questions; ask anyone here at Integrated Computer Systems Support before you click. Simply send an e-mail to support@ics-support.com with your question (and include the e-mail you received). We will take a look and advise you.

 

Integrated Computer Systems Support, Inc
contact
support
home
If you receive an unsolicited e-mail concerning updates and you have questions; ask anyone here at Integrated Computer Systems Support before you click. Simply send an e-mail to support@ics-support.com with your question (and include the e-mail you received). We will take a look and advise you.