As much as we'd like to bash Microsoft, or whatever software vendor is
affected by exploits, the truth is that user behavior also contributes
to the poor security on some machines. Jeff Atwood details his own
experience with a PC that was
infected
because he surfed 1 website with an old version of IE6.
I recently upgraded my dedicated racing simulation
PC,
so I was forced to re-install Windows XP SP2, along with all the
games. As I was downloading the no-cd patches for the various racing
sims I own, I
was suddenly and inexplicably deluged with popups, icons, and unwanted
software installations. I got that sinking feeling: I had become the
unfortunate victim of a spyware infestation.
The simplest thing you can do to protect your machine is run your
operating system's automatics updates service. Windows has the Update
app that sits in the icon tray, Mac's have the Software Update option
in the apple menu, and Ubuntu provides update notification in the
notification tray via an orange icon. You should be in the habit of
running updates frequently, no matter which system you run. I was
dismayed a while back by a colleague who felt they didn't have to run
updates in Ubuntu because essentially "Linux is secure enough". \
Another good practice is to always run the latest version of your
browser of choice. If you use Windows Update, you'll keep Internet
Explorer's patches up -to-date, although there are still unpatched
vulnerabilities in the wild. A better option, and my recommendation
especially for Windows Users, is to run Firefox
2, which automatically updates
itself.