Important security fix, and Windows Update setup

Print Friendly, PDF & Email

Today’s tip isn’t really a fun or amazing thing you can do with your computer.  However, it is important if you use Internet Explorer with Windows.

IE logo


This past week Microsoft announced that there was a “security vulnerability” in Internet Explorer that could allow hackers to go in through the web browser and execute code.

Here is how it evolved over the period of a few days:

First, Microsoft announced the problem in a Security Advisory.  They explained the security issue (“Remote Code Execution”) and offered just one solution.  They recommended that people download and install something called the Enhanced Mitigation Experience Toolkit as a way to temporarily protect Internet Explorer from being compromised.  Of course, there was another solution – use a different web browser, such as Firefox or Chrome – but Microsoft would not suggest that, since Internet Explorer is their product.

Most technicians that were aware of the Security Advisory determined that the solution Microsoft was proposing (the EMET) was a bit too complicated for the average user to download, install and configure properly.  I installed it on a few client machines.  It’s not extremely difficult, but there are multiple steps involved so it would not be a 60 second task for an average Windows user.

Next, a couple of days later, Microsoft announced that they would shortly release a “Fix It” to solve the problem and patch up Internet Explorer.  What they call a Fix It is just a simple application that they make available for download, which anyone can download and run.  That’s it – it’s very simple.  The only problem is that most Windows users don’t even know about it.  So it would still only solve the problem for a very small percentage of people.

Finally, on Friday, Microsoft released a patch to this security hole as part of an out-of-band Windows Update.  This is unusual because Windows Updates are normally released on the second Tuesday of each month, or what is commonly known as “Patch Tuesday”.  They released this one separately because of the critical nature of the problem.

So, as long as you have Windows Updates set to download and install automatically, you will get the update and be fine.  In fact, there’s a pretty good chance you already have it.


Let’s take advantage of this opportunity to double check that you have Windows Updates set up properly.  This is important, so just take a second and do it.  It’s easy!

Click the Microsoft logo in the bottom left corner (used to be the Start button), then click on Control Panel.  In Control Panel, double click on the icon called “Windows Updates”.  On the left side, click on “Change settings”.

This window tells you when Windows updates will be downloaded and installed.  In the drop-down menu, you should choose “Install updates automatically (recommended)”:

Windows Updates

As you can see, I have mine set to install each day at 3 am.  That’s the default setting, so that’s when it happens unless you change it.  Keep in mind, the computer has to be on at 3 am for this to work.  If the computer is in “Sleep” mode, it will wake up to install the updates.  If it is actually powered off, the updates will install the next time you turn it on.  Of course, you can set the installation to happen any time of any day you wish.

For the other options in that window, it’s not that important if you check them or not.  I have all of them checked:

Windows Updates

but I find this stuff kind of interesting.  If you’re not a geek, you can check or uncheck them and it won’t make a big difference either way.


Share this post