Your Daily Computer Security Tips

Confusion and problems are appearing with Windows Automatic Update (AU). Some users are complaining that AU installs updates without permission, at unexpected times. Sometimes your update settings can be changed without your knowledge or consent.

Take a look at your update settings by clicking (in Windows XP) Start, Control Panel, System, Automatic Updates. My preferred selection has always been the third option, “Notify me but don’t automatically download or install them”.

If a patch download is interrupted for some reason, your update settings might get changed, or you might not see the notification on the bottom right of your screen. Then the next time you shut down or reboot your PC, updates may suddenly and unexpectedly install.

Even if you select option three as above, updates may automatically download and install. Some users claim this problem has been going on for months.

Microsoft is aware of the problem, and is working on a fix. Others claim that certain popular security programs or a malware infection changes the AU settings. It is important to know when the updates are downloaded and installed on your computer, because they can sometimes cause problems. For example, a year ago a Microsoft patch cut the Internet connection of users who had the ZoneAlarm firewall installed.

Until we get the fix, before shutting down or rebooting, you can go to the Microsoft Update site and download and install all the updates you want. Cancel notification for the remaining ones. That should hopefully prevent any surprises.

If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!

Very professional-looking emails are circulating on the Internet, claiming to be updates for Outlook and Outlook Express. It really looks like a tech bulletin from Microsoft. The URL that you are supposed to click on to get the updates, is only slightly different from the real URL, which is update.microsoft.com.

Of course this is a phishing scam, so do not fall for it, even if it is a little more polished and sophisticated than usual. Microsoft does not send out emails advising you of updates. You have to go get them at the update site.

Mozilla has released version 3.5 of its Firefox browser. Firefox is now supposed to be more stable, and much faster than earlier versions. As usual, I suggest you wait a while before updating, to see if any bugs or incompatibilities turn up.

Microsoft has announced that Windows 7 will be released to the public on Oct. 22. What to do if you need a new computer now? No problem. Go to your favorite computer store, and find a special offer for a free upgrade to Windows 7 if you buy certain Vista PCs now.

Here is an oldie but definitely not a goodie. More than 1.3 million Americans have lost some cash to the fake check scam, either online, snail mail or by telephone. This scam has been around forever, but seems to be increasing in these tough times.

It works like this: You get a check in the mail, and you are asked to deposit it in your account. The check is supposedly for some kind of payment, lottery win, deposit, rent, etc.

Then suddenly the sender pretends to have a change of heart, or discovers the whole thing is an error, and asks for part or all of the money back. That is when you should STOP, take a deep breath, and go talk to your bank or a lawyer.

You are very probably being scammed, because after you return the money you will invariably find the original check was fake. You are now on the hook to your bank for the whole amount.

You should know that it actually takes weeks for a check to clear, or establish that it is in fact good. It may take even longer for overseas checks. Lawyers, business people and Internet experts have been roped in by these schemes, and their endless variations. Do not be one of them.

Google has issued a critical patch for its Chrome browser. The vulnerability can be used in a buffer overflow attack. This is a fancy way of saying a hacker could crash the browser, and run his own software on your computer.

And that, in turn, means he could seize control of your PC. Update now, if you use Chrome, if it has not updated itself automatically already.

Security company Sophos is warning that less than 24 hours after the death of Michael Jackson, spam emails are circulating that claim to contain “vital information” about his death. The emails do not contain malicious attachments, or even links to compromised or infected Web sites.

Rather, the object of the exercise seems to be to get you to reply, so that the spammer can grab your email address. Then you will receive much more spam. It could even lead to identity theft.

Other more dangerous emails and Web sites can be expected, of course, so be on guard. If you want information on the late singer, search for it yourself in a search engine or go to a news site.

Initially, so many people were searching on Michael Jackson that Google crashed. However, everything should be OK now.