May 14, 2009
There is no shortage of products, practices and solutions to improve
the security of workstations. But it really can be reduced to a
relatively few rules of thumb.
1. Run a vulnerability scanner regularly (I would suggest at least once every two weeks)
Patch software that is identified as having vulnerabilities. Remove software that has been end of lifed
1.1 Good vulnerability scanners can be found at
(Online Software Inspector) and
http://www.microsoft.com/downloads/details.aspx?FamilyID=F32921AF-9DBE-4DCE-889E-ECF997EB18E9&displaylang=en (Baseline Security Analyzer)
2. Create a general user ID for your daily use instead of being
logged in as administrator. When you need to install software you can
do a right mouse click on the setup or install package and select RUN AS. You will then see a box that will let you select your administrator account and be prompted for the administrator password.
2.1 A 'limited' user account can be created from the
control panel - user accounts application
3. Run an AntiVirus and AntiMalware product.
3.1 Free versions are available from http://free.avg.com/download-avg-anti-virus-free-edition and
(uncheck all except Spyware doctor)
3.1.1 Some malware infections might require a licensed copy of
Spyware doctor. If you receive a notification that you need to
purchase a license, please send e-mail to me at
SecurityHelp@ag.tamu.edu and I can probably help you remove the
infection using another product or some other solution.
For a more complete list of practices please view the following power point presentation
A power point viewer application is available from
Also see http://blogs.technet.com/msrc/archive/2009/05/18/microsoft-security-advisory-971492.aspx and