Windows Update is a feature of Microsoft's desktop operating environments which allows the hapless user to keep their system up to date. It is a convenient and (most importantly) highly non-technical conduit for hardware drivers and software patches. However, as it is motivated by evil, there are some cons as well as pros:

PROS

  • Easy to use (relatively speaking)
  • A one-stop shop
  • At least puts clueless computer illiterates in the running to apply patches

CONS

  • Uses Internet Explorer for its UI and therefore...
  • Requires all the huge security holes to be opened to operate. (Active Scripting, ActiveX, etc.)
  • Tries to peddle loads of gratuitous crap such as IE6 and "Still sucks compared to Winamp" Windows Media Player. Optional, but still a clear and present competition stifler.
  • It's really, really, really, really slow.
  • Only lets you grab one "major" patch/service pack at a time.
  • Do you like rebooting? How about dialogues with 'Do not restart my computer' greyed out so you can't tick them?
  • Sometimes puts back all the redundant icons* you have meticulously expunged from the desktop, start menu and toolbar.
  • Of course, you have to invoke it manually on each machine.
It claims it doesn't send any data back to Microsoft.

*Internet Explorer and Outlook Express-Route-To-Propogating-Email-Worms

Prevent viruses, worms, etc when using Windows Update the first time

Many critics of Windows XP (and Windows 2000, and any version of Windows that uses Windows Update) say that connecting to the Internet to use Windows Update immediately exposes it, and all of its unpatched bugs, to exploitation within about twenty minutes.

While that's not far-fetched, given how many worm-ridden machines are run by irresponsible lusers, there is a very simple way to avoid exploitation while using Windows Update.

  1. If on broadband (Cable modem or DSL), buy a hardware firewall.
    Most Internet sharing devices have built-in firewalls that act as one-way doors to the Internet. You can go out to the net, but people on the net can't get back in. For less than $100.00 (Canadian, one time) you can get better protection than any "software firewall" can provide, and without renewing subscription costs. Even for a single computer, it's well worth the investment.
  2. If on dial-up, turn on the built-in Internet Connection Firewall on your dial-up connection.
    Windows XP as first released comes with a silent firewall program already installed. Make sure you turn it on! Sadly, AOL dial-up users can't use it.
  3. Use Windows Update Only until it says it's done.
    Don't do any production work, don't check e-mail, don't surf any other web sites, until Windows Update tells you that you don't need any more critical updates.

That's it, really. Get behind some kind of firewall and patch your system first. After that, start using the tools included in Windows XP, such as Automatic Updates, to let the system keep itself updated.

Other routine precauctions include: Use the hardware firewall at all times, create a Limited User account for yourself and do your production work there, stick with applications and devices Designed for Windows XP, and (as The Register is fond of saying) wear a regulation tinfoil hat.

Log in or register to write something here or to contact authors.