So how can Windows users protect themselves? Before you install any new software, you should perform some simple housekeeping on your operating system to make it safer. The first step is to check the Microsoft Web site for security updates and patches. If you have Windows 9x, Windows NT, or Windows 2000 Professional, point your browser to http://windowsupdate.microsoft.com and follow the links there to find the updates for your particular operating system. Alternatively, install Service Pack 1 for Windows 2000 and Internet Explorer 5.5 (on this month's cover CD), updates that patch several known security holes and bugs. See Here's How "Bugs and Fixes" on page 134 for more details.
In addition, David Ursino, Microsoft's product manager for the new Windows Millennium Edition, recom-mends disabling the File and Printer Sharing option that provides other computers access to a machine running any version of Windows. Go to Start-Settings-Control Panel and double-click the Network icon. In the dialogue box that opens, search the list of installed network components for "File and Printer Sharing for Microsoft Networks." If this item is present, highlight it and then click the Remove button.
Another way you can protect your-self is to use software that blocks Trojan horse programs. Any good antivirus package is designed to identify Trojan horses, but you must keep it up-to-date to defeat the latest subterfuges. You should also make sure your e-mail program is not set to open attachments automatically. And never open an attachment that comes from an unknown source.
These measures alone, though, will guarantee security for only a minority of PC users. "Unless you've installed your system from scratch, there's no way of knowing just how secure it really is," said Stuart McClure, coauthor of Hacking Exposed. Security breaches can occur on many fronts, typically through Internet software - like PC Anywhere, NetMeeting, or ICQ - that opens ports hackers can subsequently exploit. Even Microsoft's Ursino sees the need to add another layer of security. "If I were a user who had a home network with a persistent Internet connection," he said, "I would choose to have a firewall."