Mike Dresser <[EMAIL PROTECTED]> wrote: > > Update NAV so it has current DEFs, set it to update daily, upgrade > > your copy of IE to 5.5SP2 plus all post-SP2 security hotfixes or to > > IE6.0SP1, and then visit Windows Update regularly (say once a month). > > Seems that 5.5SP2 isn't supported by MS anymore, judging by the insistance > of Windows Update to update you to 6.0SP1.
Well, IE 5.5 will likely fall off support (at least for most OSes) shortly after the next major IE version is released, so it does not surprise me that MS may be pushing people to move to the currently latest version. That said though, IE 5.5 is still officially supported. Anyway, the OP did not say what OS they were running and IE 6.0 is not an option if you are still running Win95... > And I'd say to visit Windows Update weekly, if not daily. Definately get > that virus scanner updating daily instead of the "whenever I, the user, > feel like it" mode that it's in now. I agree, but that said, very few Windows desktop OS vulnerabilities have been exploited in "in the wild" malware within three months of the vulnerability's disclosure and exceedingly few have been exploited within six weeks or less. Thus, recommending once-monthly updates to someone who has not been doing them at all should not impose such an onerous (remember, we are talking clearly security- ignorant, if not security-resistant, folk here!) additional load that they will quickly just say "screw it -- it's too much trouble...". -- Nick FitzGerald Computer Virus Consulting Ltd. Ph/FAX: +64 3 3529854