Finding balance between supporting the technically savvy vs. the technically challenged

Some people embrace new methods and updated technology, while others cling to the old familiar ways. How do you find balance between supporting those two extremes?

——————————————————————————————————————-

A friend of mine, who also provides user support, was commenting to me recently about his frustration when people don’t take the time to learn new methods, keep things updated, or embrace new technology when it’s provided. He had a couple of specific issues he was frustrated with.

If seems that not all people he supports update their various e-mail distribution lists when they’re provided, and when others get left off future e-mail notifications, he’s the one who has to field the complaints. He’s in a position where he doesn’t have direct access to the computer users he supports (or their computers), and he has to rely on them to import updated e-mail address distribution lists on a regular basis. Only about half of them, he says, will regularly and immediately update their contacts list.

Another issue he’s been having is when some people don’t fill in pre-created forms on their computer. These specific forms are ones he’s created that would automatically tab to the fields that needed to be filled out, and then could simply be e-mailed back in their completed state. But many people, for some reason, would rather print out the form, fill it out by hand, scan it into a different file, and send back the scanned file. Why they didn’t take advantage of the easier and time-saving form that was provided is anybody’s guess.

I didn’t have an answer to his frustrations, but I suppose he just wanted a sympathetic ear to listen to him vent. I suppose I would call or e-mail the people who seem to be falling short and offer to lend whatever help they might need to get things right. If they continue to fall short, I’d continue to send them e-mails to keep reminding them. When you don’t have direct access to the people or their computers, like in his case, it could present a bit of a challenge.

Do you have any similar experiences finding balance between supporting the technical savvy versus the technically challenged (or, in some cases, the technically lazy)?

Change the registered owner of Windows XP the easy way

By: Greg Shultz

When you install any version of the Windows operating system, a part of the installation procedure prompts you to enter the user’s name and the name of the user’s company. This registration information is stored in the registry and can be changed by carefully editing the data with the Registry Editor. However, not everyone is comfortable with firing up the Registry Editor and delving into its data. Even if you’re familiar with editing the registry, it’s a time-consuming job. Wouldn’t it be nice if you could just pop open a dialog box and enter the new registration information? Well, now you can.

Note: This tool was originally published in October 2002 and is designed for Windows XP and earlier versions of Windows — not for Windows Vista or Windows 7.

I’ve developed the Registration Changer, a tool that makes quick work of this tedious task. To create the inner workings of the Registration Changer, I combined features made available by Windows Script Host and VBScript to create a script. Then, to give the utility a neat user interface, I packaged the script in an HTML Application (HTA). In this Daily Drill Down, I’ll introduce you to my Registration Changer utility, which is available as a free download, and explain how it works.

A closer look at the registration information

Registration information, which consists of the owner’s name and a company name (if specified), is stored in the registry as simple text strings. The owner’s name is stored in the RegisteredOwner key, while the company name is stored in the RegisteredOrganization key. Registration information is displayed on the General tab of the System Properties dialog box under the Registered To heading, as shown in Figure A.

Figure A

The user’s name and the name of the user’s company appear on the General tab of the System Properties dialog box under the Registered To heading.

This is fine as long as the user sticks with that system, but you’ll want to change the entries when they pass along the system to someone else in the company.

Back up!

Always use caution when working with the registry. Unintentional changes made to the registry can cause the system to crash. Always back up your system before opening the registry.

As you may know, the underlying structure of the registry in each of the Microsoft operating systems is very similar. However, there are slight differences. In the Windows 95, Windows 98, and Windows Me operating systems, the RegisteredOwner and RegisteredOrganization keys are stored in the key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

In Windows NT, Windows 2000, and Windows XP, the keys are stored in the key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

Blank keys

Keep in mind that either or both of the RegisteredOwner and RegisteredOrganization keys can be blank. In other words, the keys exist in the registry, but they contain an empty string.

Automating registry changes

As I mentioned, manually editing the registration information stored in the registry via the Registry Editor can be a tricky and time-consuming operation. Fortunately, the Windows Script Host provides programming methods that allow you to quickly and easily automate the process of editing the registry. The two methods that I use in this script are the RegRead and RegWrite methods.

As its name implies, the RegRead method allows you to access a key in the registry and read the value stored in that particular key. Likewise, the RegWrite method allows you to change the value of any particular key in the registry.

The Windows Script Host actually provides you with one more method for making modifications to the registry, the RegDelete method. However, since the Registration Changer utility doesn’t really need to explicitly delete anything from the registry and because the RegWrite method can actually overwrite an existing value, I didn’t need to use the RegDelete method in the script. Nevertheless, it’s good to know that RegDelete is available.

In order to use the RegRead and RegWrite methods, you need to know the exact name of the key in the registry that you want to edit, as well as its exact path. You also need to know what type of data the key holds. Without getting into too much detail on this last point, there are actually four different data types that the registry contains: strings, 32-bit unsigned values, binary data, and expandable macro strings.

Installing the Registration Changer utility

Once you’ve downloaded the Registration Changer utility installation package, simply double-click the RegChange Installation.exe file. When you do, the installation program will prompt you to choose a folder in which to install the application. If the folder doesn’t exist, the installation program will create it for you.

After you install the Registration Changer utility, you’ll see the following two files in your chosen folder:

RegChange.hta

RegChange.ico

Of course, the RegChange.hta file is the HTA file that you’ll use to launch the application. The RegChange.ico file contains the icon that the HTA uses for the control menu and the taskbar.

Using the Registration Changer utility

Using the Registration Changer utility is easy. After you install the utility, just double-click the HTA file to launch it. If you prefer, you can create a shortcut to the HTA file and place it on your Start menu. Once you launch the Registration Changer utility, you’ll see the main screen shown in Figure B.

Figure B

The Registration Changer utility makes it easy to change registration information.

To begin, you need to select the operating system you’re using. As you can see, the operating systems are grouped according to the location in the registry in which the RegisteredOwner and RegisteredOrganization keys are stored. If you fail to select an operating system and click either the Display or OK buttons, you’ll see the error message shown in Figure C. When you click OK, you’ll be returned to the main screen and can start again.

Figure C

If you fail to select an operating system before you proceed, you’ll see an error message.

Be sure to select the correct operating system

It’s imperative that you select the correct operating system for this operation to be successful. If the operating system is incorrect, the Registration Changer will apply the changes to the wrong location in the registry. When that happens, the registration information you wanted to change will remain unchanged, and unnecessary garbage will be added to the registry. If you happen to apply the changes to the wrong operating system, you can easily remove the unnecessary garbage by running the utility again and leaving the text boxes blank.

After you select an operating system, you may want to see the current registration information for the system. Just click the Display button. When you do, you’ll see the current registration information displayed in the dialog box, as shown in Figure D.

Figure D

The Registration Changer utility can display the current registration information before you make any changes.

If you want to change the registration information, just enter the text in the appropriate dialog boxes and click OK. When you do, you’ll be prompted to confirm the operation before you proceed, as shown in Figure E.

Figure E

Before the Registration Changer makes any changes to the registry, it gives you a chance to abort the operation.

If you select No, you’ll be returned to the main screen and can start over. If you click Yes, the Registration Changer will apply the changes to the registry. You can then instantly check the results by clicking the Display button. When you’re done, just click Cancel or click Close, and the main Registration window will close.

Blanking out registration information

If you prefer to simply blank out the registration information rather than enter new names, just leave the text boxes blank and click OK.

That’s all there is to it. The Registration Changer makes it easy to edit the registry without fear. As I stated earlier, be sure to back your system up before you go poking around in the registry. It’s not something you should do lightly.

Credits: www.techrepublic.com

Setting up Change Data Capture in SQL Server 2008

By: Tim Chapman

Change Data Capture (CDC) is a new native feature in SQL Server 2008 Enterprise Edition.

——————————————————————————————

Auditing database data is no easy task, but it’s absolutely required for most industries. In a previous column, I showed how you can use some native SQL Server functionality to do a decent job of capturing data changes.

The inherent problem with capturing these data changes is that it requires triggers on the base table. These triggers can either immediately enter the data into auditing tables or use Service Broker functionality to capture the data at a later time. In either event, the initial capture has to be done in the scope of the original transaction. In SQL Server 2008, the Change Data Capture (CDC) feature allows you to capture data changes much more easily and without the use and overhead of triggers.

Setting up CDC

First, I want to create a database for the use of testing my scenarios. The statement below creates a database named CaptureChanges on your database instance:

CREATE DATABASE CaptureChanges
GO

To use CDC, I’ll need to enable it at the database level. The statement below calls the sp_cdc_enable_db system stored procedure, which enables CDC for the current database scope:

USE CaptureChanges
GO
EXEC sys.sp_cdc_enable_db
GO

To illustrate how CDC captures data changes, I’ll need a table to perform data changes. The script below creates a table named SalesHistory and inserts data into it:

IF OBJECT_ID('SalesHistory') IS NOT NULL
DROP TABLE SalesHistory
GO
CREATE TABLE [dbo].[SalesHistory]
(               
            SaleID int IDENTITY(1,1) PRIMARY KEY,               
            Product varchar(10) NULL,               
            SaleDate datetime NULL,               
            StatusID TINYINT NULL,               
            SalePrice money NULL
)
            GO
SET NOCOUNT ON
BEGIN TRANSACTION
            DECLARE @i INT
            SET @i = 1
            WHILE (@i <=500)
            BEGIN               
              INSERT INTO [SalesHistory](Product, SaleDate, SalePrice, StatusID)               
              VALUES ('Computer', DATEADD(ww, @i, '3/11/1919'), DATEPART(ms, GETDATE()) + (@i + 57), 1)               
                       
              INSERT INTO [SalesHistory](Product, SaleDate, SalePrice, StatusID)               
              VALUES('BigScreen', DATEADD(ww, @i, '3/11/1927'), DATEPART(ms, GETDATE()) + (@i + 13),5)               
                       
              INSERT INTO [SalesHistory](Product, SaleDate, SalePrice, StatusID)               
              VALUES('PoolTable', DATEADD(ww, @i, '3/11/1908'), DATEPART(ms, GETDATE()) + (@i + 29),8)               
                       
              SET @i = @i + 1
                       
            END
COMMIT TRANSACTION

GO

At this point, nothing in the SalesHistory table has been captured, as it is yet to be enabled for CDC. To use CDC for a particular table, the table must contain a Primary Key constraint or a unique constraint to uniquely identify the rows in the table. In the example above, I use an IDENTITY column for my Primary Key constraint.

To enable the table for data capturing, I’ll need to run a system stored procedure and pass in the table name. (The SQL Server Agent should be running when you run this stored procedure.)

EXEC sys.sp_cdc_enable_table
@source_schema = N'dbo',
@source_name   = N'SalesHistory',
@role_name     = NULL,
@supports_net_changes = 1
GO

Now I’m going to update an arbitrary set of records in the SalesHistory table. Because I now have CDC enabled for this table, the data changes should be captured by the CDC system.

UPDATE s
SET SalePrice = SalePrice + 1
FROM SalesHistory s
where SaleID % 13 = 0

If the CDC schema had not already existed in the database, the above procedure call would create it. All CDC tables will belong to this schema.

When the CapturesChanges table is enabled for CDC, two SQL Server Agent jobs are created. One job uses the LogReader to capture changes while the other job is used to clean up older messages. The job names created are listed below:

cdc.CaptureChanges_capture

cdc.CaptureChanges_cleanup

CDC has system tables that are created when CDC is enabled. The main one to concern yourself with at first is the actual data that stores the audited data. A SalesHistory_CT table is created when I enable the SalesHistory table for CDC. Data changes are captured in this table, along with a few housekeeping columns that CDC uses for reporting changes to data. Notice that this table belongs to the cdc schema.

Credits: www.techrepublic.com

Improve multiple-monitor support with DisplayFusion

Author : Greg Shultz

One of the nice features in Microsoft Windows Vista is its built-in support for multiple monitors. I’ve been taking advantage of a multiple-monitor configuration ever since the feature first became available in Windows 98, and now I feel cramped if I have to work on a system with only one monitor.

One of the biggest advantages I find to a multiple-monitor configuration is the amount of time and effort I save when doing any type of multitasking, i.e. running multiple applications. Rather than maximizing and minimizing windows to switch between applications, I simply turn my head from one monitor to the other.

For example, my multiple-monitor configuration consists of three monitors — a 19-inch monitor flanked by two 17-inch monitors. When I’m researching and writing a technical article, I have Internet Explorer running on the left monitor and Word running on the center monitor. As I track down relevant information, I can easily jot down notes in my Word document. If I need to double-check anything on the Web page, I just glance over. The right monitor is running Outlook, so as I’m doing my research I can glance over at my Inbox when new e-mail arrives and quickly determine if it’s important enough to interrupt my research/writing to deal with.

Of course, this is just one example, and I normally have more than one application running on each monitor. But the point is that a multiple-monitor configuration can really help you increase your efficiency when multitasking. While it’s great that Windows provides you with built-in support for multiple monitors, it’s too bad that they didn’t take the next step and provide you with some additional functionality. Fortunately, Jon Tackabury at Binary Fortress Software stepped up to the plate and created DisplayFusion. This handy utility allows you to really take advantage of multiple monitors by providing you with a host of features that will help you get the most out of a multiple-monitor configuration.

In this edition of the Windows 7 and Windows Vista Report, I’ll introduce you to DisplayFusion and show you some of my favorite features.

This blog post is also available in PDF format in a free TechRepublic download.

Getting DisplayFusion

There are two versions of DisplayFusion: a free, but limited, version, which is available in the TechRepublic Software Library, and the Pro version, which sells for $20. However, you can download a license key and get a 30-day trial of the Pro version. You can check out the Comparison page and download a copy.

Once you download and install DisplayFusion, you’ll find its icon in the system tray and will be able to access and configure all its features from there.

Multi-monitor taskbar

Of course, one of the primary reasons for adding additional monitors to your Windows system is to expand your screen real estate. So why not carry this idea one step further with the Multi-Monitor Taskbar feature, which allows you to expand the Windows Taskbar by placing a taskbar on the bottom of the screen on each secondary monitor. To activate and configure this feature, you’ll right-click on the DisplayFusion icon and select the Multi-Monitor Taskbar command, as shown in Figure A.

Figure A

To enable the Multi-Monitor Taskbar, just select the command.

As soon as you enable Multi-Monitor Taskbar feature, a taskbar appears on each monitor and immediately shows those applications that are open on that particular monitor. This alleviates the overcrowding of the main Taskbar that is a normal occurrence in a multiple-monitor configuration. In addition, this feature can save you time and frustration as it makes it easy to keep track of which applications are open on which monitor. And best of all, when you move a window from one monitor to another, you don’t have to Restore Down the window first — you can just click and drag a Maximized window from one monitor to the next. And when you do so, Multi-Monitor Taskbar keeps track of the window, such that it displays the task on the appropriate taskbar.

Desktop wallpaper

While not as mission critical to the efficiency of a multiple-monitor setup, DisplayFusion’s Desktop Wallpaper configuration option is still a really nice feature. For example, you can stretch a single image across all monitors or you can have a separate image on each monitor (Figure B). You can even configure randomly changing images from your computer or Flickr.com. You can change the color selection to grayscale or sepia tone, reposition the images on each monitor, and much more.

Figure B

Stretch wallpaper across multiple monitors.

Settings

On the Settings window, you’ll find a host of additional configuration options that will allow you to tweak settings, assign hotkeys, adjust the Multi-Monitor Taskbar feature, as shown in Figure C, and much more.

Figure C

On the Settings window, you can make all sorts of additional adjustments.

Credits: www.techrepublic.com

The 10 faces of computer malware

Author: Michael Kassner

With all the different terms, definitions, and terminology, trying to figure out what’s what when it comes to computer malware can be difficult. To start things off, let’s define some key terms we’ll use throughout the article:

• Malware: Is malicious software that’s specifically developed to infiltrate or cause damage to computer systems without the owners’ knowledge or permission.

• Malcode: Is malicious programming code that’s introduced during the development stage of a software application and is commonly referred to as the malware’s payload.

• Anti-malware: Includes any program that combats malware, whether it’s real-time protection or detection and removal of existing malware. Antivirus and anti-spyware applications and malware scanners are examples of anti-malware.

It’s important to remember that like its biological counterpart, malware’s number one goal is reproduction. Damaging a computer system, destroying data, or stealing sensitive information are all secondary objectives.

Keeping the above definitions in mind, let’s take a look at 10 types of malware.

Note: This article originally appeared as an entry in our IT Security blog. It is also available as a PowerPoint presentation and as a PDF document in our Downloads Library.

1: The infamous computer virus

A computer virus is malware that’s capable of infecting a computer but has to rely on some other means to propagate. A true virus can spread from the infected computer to a non-infected computer only by attaching to some form of executable code that’s passed between them. For example, a virus could be hidden in a PDF file attached to an e-mail message. Most viruses consist of the following three parts:

• Replicator: When the host program is activated, so is the virus, and the viral malcode’s first priority is to propagate.

• Concealer: The computer virus can employ one of several methods to hide from anti-malware.

• Payload: The malcode payload of a virus can be purposed to do just about anything, from disabling computer functions to destroying data.

Some examples of computer viruses currently in the wild are W32.Sens.A, W32.Sality.AM, and W32.Dizan.F. Most quality antivirus software will remove a computer virus once the application has its signature file.

2: The ever-popular computer worm

Computer worms are more sophisticated than viruses, being able to replicate without user intervention. If the malware uses networks (Internet) to propagate, it’s a worm rather than a virus. The main components of a worm are:

• Penetration tool: Malcode that leverages vulnerabilities on the victim computer to gain access.

• Installer: The penetration tool gets the computer worm past the initial defense mechanism. At that point, the installer takes over and transfers the main body of malcode to the victim.

• Discovery tool: Once settled in, the worm uses several methods to discover other computers on the network, including e-mail addresses, Host lists, and DNS queries.

• Scanner: The worm uses a scanner to determine if any of the newly found target computers are vulnerable to the exploits available in its penetration tool.

• Payload: Malcode that resides on each victim’s computer. This could be anything from a remote access application to a key logger used to capture user names and passwords.

This category of malware is unfortunately the most prolific, starting with the Morris worm in 1988 and continuing today with the Conficker worm. Most computer worms can be removed by using malware scanners, such as MBAM or GMER.

3: The unknown backdoor

Backdoors are similar to the remote access programs many of us use all the time. They’re considered malware when installed without permission, which is exactly what an attacker wants to do, by using the following methods:

• One installation method is to exploit vulnerabilities on the target computer.

• Another approach is to trick the user into installing the backdoor through social engineering.

Once installed, backdoors allow attackers complete remote control of the computer under attack. SubSeven, NetBus, Deep Throat, Back Orifice, and Bionet are backdoors that have gained notoriety. Malware scanners, like MBAM and GMER, are usually successful at removing backdoors.

4: The secretive Trojan horse

It’s difficult to come up with a better definition for Trojan horse malware than Ed Skoudis and Lenny Zelter did in their book Malware: Fighting Malicious Code:

“A trojan horse is a program that appears to have some useful or benign purpose, but really masks some hidden malicious functionality.”

Trojan horse malware cloaks the destructive payload during installation and program execution, preventing anti-malware from recognizing the malcode. Some of the concealment techniques include:

• Renaming the malware to resemble files that are normally present.

• Corrupting installed anti-malware to not respond when malware is located.

• Using Polymorphic code to alter the malware’s signature faster than the defensive software can retrieve new signature files.

Vundo is a prime example; it creates popup advertising for rogue anti-spyware programs, degrades system performance, and interferes with Web browsing. Typically, a malware scanner installed on a LiveCD  is required to detect and remove it.

5: Adware/spyware: more than an annoyance

• Adware is software that creates popup advertisements without your permission. Adware usually gets installed by being a component of free software. Besides being irritating, adware can significantly decrease computer performance.
• Spyware is software that collects information from your computer without your knowledge. Free software is notorious for having spyware as a payload, so reading the user agreement is important. The Sony BMG CD copy protection scandal is probably the most notable example of spyware.

Most quality anti-spyware programs will quickly find unwanted adware/spyware and remove it from the computer. It’s also not a bad idea to regularly remove temp files, cookies, and browsing history from the Web browser program as preventative maintenance.

Malware stew

Up until now, all the malware discussed has distinctive characteristics, making each type easy to define. Unfortunately, that’s not the case with the next categories. Malware developers have figured out how to combine the best features from different types of malware in an attempt to improve their success ratio.

Rootkits are an example of this, integrating a Trojan horse and a backdoor into one package. When they’re used in this combination, an attacker can gain access to a computer remotely without raising any suspicion. Rootkits are one of the more important combined threats, so let’s take a deeper look at them.

Rootkits: Completely different

Rootkits are in a class all their own, choosing to modify the existing operating system instead of adding software at the application level, like most malware. That’s significant, because it makes detection by anti-malware much more difficult.

There are several types of rootkits, but three make up the vast majority of those seen in the wild: user-mode, kernel-mode, and firmware rootkits. User-mode and kernel-mode may need some explanation:

• User-mode: Code has restricted access to software and hardware resources on the computer. Most of the code running on your computer will execute in user mode. Due to the restricted access, crashes in user-mode are recoverable.

• Kernel-mode: Code has unrestricted access to all software and hardware resources on the computer. Kernel mode is generally reserved for the most trusted functions of the operating system. Crashes in kernel-mode aren’t recoverable.

6: User-mode rootkits

It’s now understood that user-mode rootkits run on a computer with the same privileges reserved for administrators. This means that:

• User-mode rootkits can alter processes, files, system drivers, network ports, and even system services.

• User-mode rootkits remain installed by copying required files to the computer’s hard drive, automatically launching with every system boot.

Hacker Defender is one example of a user-mode rootkit. Luckily Mark Russinovich’s well-known application Rootkit Revealer can detect it, as well as most other user-mode rootkits.

7: Kernel-mode rootkits

Since rootkits running in user-mode can be found and removed, rootkit designers changed their thinking and developed kernel-mode rootkits. Kernel-mode means the rootkit is installed at the same level as the operating system and rootkit detection software. This allows the rootkit to manipulate the operating system to a point where the operating system can no longer be trusted.

Instability is the one downfall of a kernel-mode rootkit, typically leading to unexplained crashes or blue screens. At that point, it might be a good idea to try GMER. It’s one of a few trusted rootkit removal tools that has a chance against kernel-mode rootkits, like Rustock.

8: Firmware rootkits

Firmware rootkits are the next step up in sophistication, with rootkit developers figuring out how to store rootkit malcode in firmware. The altered firmware could be anything from microprocessor code to PCI expansion card firmware. This means that:

• When the computer is shut down, the rootkit writes the current malcode to the specified firmware.

• Restart the computer and the rootkit reinstalls itself.

Even if a removal program finds and eliminates the firmware rootkit, the next time the computer starts, the firmware rootkit is right back in business.

9: Malicious mobile code

In relative anonymity, malicious mobile code is fast becoming the most effective way to get malware installed on a computer. Mobile code is software that’s:

• Obtained from remote servers.

• Transferred across a network.

• Downloaded and executed on a local system.

Examples of mobile code include JavaScript, VBScript, ActiveX controls, and Flash animations. The primary idea behind mobile code is active content, which is easy to recognize. It’s the dynamic page content that makes Web browsing an interactive experience.

What makes mobile code malicious? Installing it without the owner’s permission or misleading the user as to what the software does. To make matters worse, it’s usually the first step of a combined attack, similar to the penetration tool used by Trojan horse malware. After that, the attacker can install additional malware.

The best way to combat malicious mobile code is to make sure that the operating system and all ancillary software are up to date.

10: Blended threat

Malware is considered a blended threat when it seeks to maximize damage and propagate efficiently by combining several pieces of single-intentioned malcode. Blended threats deserve special mention, as security experts grudgingly admit they’re the best at what they do. A blended threat typically can:

• Exploit several known vulnerabilities or even create vulnerabilities.

• Incorporate alternate methods for replicating.

• Automate code execution, which eliminates user interaction.

Blended threat malware, for example, may send an HTML e-mail message containing an embedded Trojan horse along with a PDF attachment containing a different type of Trojan horse. Some of the more famous blended threats are Nimda, CodeRed, and Bugbear. Removing blended threat malware from a computer may take several pieces of anti-malware, as well as using malware scanners installed on a LiveCD.

Final thoughts

Is it even possible to reduce the harmful effect malware causes? Here are a few final thoughts on that subject:

• Malware isn’t going away any time soon. Especially when it became evident that money, lots of money, can be made from its use.

• Since all anti-malware applications are reactionary, they are destined to fail.

• Developers who create operating system and application software need to show zero tolerance for software vulnerabilities.

• Everyone who uses computers needs to take more ownership in learning how to react to the ever-changing malware environment.

• It can’t be stressed enough: Please be sure to keep operating system and application software up to date.

Credits: www.techrepublic.com