Security Tips for Windows 2000 and XP

Operating System: Win

Download & Update Anti-Virus Software

To protect your computer against viruses and other security breaches, download anti-virus software and keep it updated. Anti-virus software for Windows computers is available at no cost to members of the UMass Amherst community.

Find out how to install and update VirusScan - the anti-virus software for Windows XP.

Update Your Operating System

Security breaches occur most often on systems that are not up-to-date. Protect your computer by keeping it updated with the latest patches, updates and drivers from the Windows Update Web site. Learn how...

Patch Internet Explorer 6 or upgrade to Internet Explorer 7

Patch IE6

Serious security issues have been identified in Microsoft Internet Explorer 6. If Internet Explorer 6 is installed on your computer, you must patch it immediately, even if it is not your main Web browser. To do so:

  1. Go to http://www.microsoft.com/downloads/. Find and click Internet Explorer 6 Service Pack 1.
  2. On the Download Details page, click Download (upper right corner).
  3. Click Open to run the setup, then follow the instructions on the screen.
  4. Restart your computer to complete the installation.

Download and Install IE7

  1. Go to http://www.microsoft.com/downloads/. Find and click Windows Internet Explorer 7 for Windows XP SP2 (IE 7 is included by default with Windows Vista).
  2. On the Download Details page, click Download (upper right corner).
  3. Click Open to run the setup, then follow the instructions on the screen.
  4. Restart your computer to complete the installation.

Configure User Account Security

Create a User Account

Many users log in as 'Administrators' for every computer session. While administrative privileges are necessary for software installation, viruses and trojans do the most damage when they run under an Administrator Account, because they inherit its full control over the system. We recommend that you always log in with a User Account for everyday use. To create a User Account:

  1. Go to Start > Settings > Control Panel > User Accounts.
  2. On the Users tab, click Add.
  3. In the Add New User window:
    • In the User Name field, enter a name, then click Next.
    • For the level of access, select Standard User, then click Finish.
  4. The new user name should appear under Users for this computer on the Users tab.
  5. Log out of the administrator account by pressing CTRL-ALT-DEL and selecting Log Off, then log back in as the new user.

To run a single application with the Administrator Account while logged in as a regular user, use the Run as... feature:

  1. Press Shift and simultaneously right-click on any application icon.
  2. Select Run as... from the drop-down menu.
  3. In the Run as Other User window, enter your Administrator user name and password. Click OK.

Set up a password for the Administrator Account

Most hacked computers have either a poor password or none at all on the Administrator Account. To create a password for your Administrator Account:

Windows 2000

  1. Go to Start > Settings > Control Panel > Users & Passwords.
  2. On the Users tab, under Password for Administrator, click on Set Password...
  3. Enter your password twice, then click OK.

Windows XP

  1. In the User Accounts window, click Change an account.
  2. In the Pick an account to change window, click Administrator.
  3. In the What do you want to change about your account? window, click Create a password.
  4. In the Create a password for your account window, in the Type a new password: field, enter the password of your choice.
  5. Re-enter the password in the Type the new password again to confirm: field.
  6. Enter a hint in the Type a word or phrase to use as a password hint: field in case you forget your password.
  7. Click Create Password.

Disable Guest Account

Intended for temporary users, Guest Accounts are an easy point of entry for hackers. We recommend that you permanently disable them.

  1. Go to Start > Settings > Control Panel > Users & Passwords.
  2. In the Users & Passwords window, select the Advanced tab.
  3. In the Advanced User Management section, click Advanced.
  4. In the Local Users & Groups window, select the Users folder (left panel). All system users will be listed in the right panel.
  5. Right-click Guest, then select Properties.
  6. In the Guest Properties window, select Account is disabled. Click Apply, then OK.

Require a user name & password for all users

Make sure everyone who uses your computer needs a user name and password to log in. To set up password requirements:

  1. Go to Start > Settings > Control Panel > Users & Passwords.
  2. In the Users & Passwords window, on the Users tab, select Users must enter a user name and password to use this computer.
  3. On the Users tab, under Users for this computer, check all accounts and make sure they all require a password.

Disable Remote Assistance (Win XP)

Remote Assistance is a Windows XP feature that allows remote access to your computer, commonly for troubleshooting purposes. To disable Remote Assistance and prevent others from taking control of your computer:

  1. Go to Start > Settings > Control Panel > System.
  2. On the System Properties window, select the Remote tab, then click Settings.
  3. Make sure Allow users to connect remotely to this computer is unselected. Click Apply, then OK.

Disable Unnecessary Applications

Disable Internet Information Services (IIS)

IIS is an application that allows your computer to act as a Web server. Because a running server accepts connections from the network, IIS may threaten system security when you are online, and we recommend that you de-activate it. To do so:

  1. Go to Start > Settings > Control Panel > Add/Remove Programs.
  2. Click on Add/Remove Windows Components.
  3. In the Windows Components Wizard window, make sure Internet Information Services is not selected. Click Next, then Finish.
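
To confirm the account, remote-access and IIS settings from the sections above without opening each dialog, the following read-only check can be run. It is an added example, not part of the original page; it assumes Windows PowerShell 2.0 or later is installed and that it is run from the account you use every day.

```powershell
# Added audit example (not from the original page). Read-only: it changes nothing.
# Assumption: Windows PowerShell 2.0 or later, run from your everyday account.

$findings = @()

# Everyday sessions should not hold Administrator rights.
$identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal = New-Object Security.Principal.WindowsPrincipal($identity)
if ($principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
    $findings += "Session for '$($identity.Name)' has Administrator rights"
}

# Local accounts: Guest must be disabled, every enabled account must require a password.
$accounts = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True"
foreach ($a in $accounts) {
    # The built-in Guest account keeps a SID ending in -501 even if it is renamed.
    if ($a.SID -like '*-501' -and -not $a.Disabled) {
        $findings += "Guest account '$($a.Name)' is enabled"
    }
    # PasswordRequired reflects the account flag only; it cannot show
    # whether the password that was set is weak.
    if (-not $a.Disabled -and -not $a.PasswordRequired) {
        $findings += "Account '$($a.Name)' does not require a password"
    }
}

# Remote Assistance and Remote Desktop switches behind the System > Remote tab.
$key = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$ts  = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
if ($ts) {
    if ($ts.fAllowToGetHelp -eq 1)    { $findings += 'Remote Assistance is allowed' }
    if ($ts.fDenyTSConnections -eq 0) { $findings += 'Remote Desktop connections are allowed' }
}

# IIS: the World Wide Web Publishing service (W3SVC) exists only if IIS is installed.
$iis = Get-Service -Name W3SVC -ErrorAction SilentlyContinue
if ($iis) {
    $findings += "IIS web service (W3SVC) is installed, status: $($iis.Status)"
}

if ($findings.Count -eq 0) {
    'No findings: settings match the recommendations on this page.'
} else {
    $findings | ForEach-Object { "FINDING: $_" }
}
```

Each FINDING line corresponds to one of the procedures above; correct it through the matching Control Panel steps and run the check again.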

Need Help?

If you encounter problems, submit an online Help Request.
- or -
Contact the OIT Help Desk at 545-9400.

Last revised December 20, 2007