Keeping Up with Windows 2000 Security

Trying to keep up with all of the bug fixes, patches, service packs, security fixes, and antivirus updates that you need to apply to your Windows 2000 Professional system can be a full-time job. Power users or part-time IT support people can probably get by with updating systems with the latest antivirus definition file and installing the most recent service pack. But if you expose your system to the Internet, either at home, while traveling, or in your small office/home office (SOHO) work environment, you really need to keep up with the latest security fixes available for your system.

Unfortunately, that task isn't easy. Security fixes aren't limited to the OS; many applications release security fixes and updates regularly, and keeping up to date is time consuming. I'm currently on a half-dozen or so mailing lists that specifically cover security bug fix releases, and at times the email traffic is overwhelming. Staying current with this information is part of my job, but this task isn't appropriate for someone whose job doesn't include this responsibility.

I can solve some of your security monitoring concerns—at least for Microsoft applications. Search the Microsoft TechNet database for security patches and fixes for your Microsoft environment. You can select from drop-down boxes that contain the product or OS that you're curious about and the current service pack level that you have installed (if applicable) and get a quick report on the available fixes from Microsoft, ordered by release date. For example, a search for fixes for "Windows 2000 Advanced Server with Service Pack 1 (SP1)" returned 34 bulletins dating back to February 2000. The same search using "Win2K AS base code" as the parameter returns 39 bulletins dating back to January 2000. Using "SP2" as the parameter returns only nine bulletins. So you can see that the appropriate search parameters simplify your security update tasks.

If you think you can handle the email from a Microsoft-specific security alert list, you can go here and sign up for its email notification service. An excellent feature of this notification service is that Microsoft digitally signs all of the messages it generates and provides a pretty good privacy (PGP) security key and fingerprint so that you can verify that the alert is real. I wish all vendors did this and publicized it to their users; it would reduce the number of email security and virus alert hoaxes that appear in my inbox every week.

If you think that you've discovered a new security problem with a Microsoft product, you can get feedback by going to the Microsoft security newsgroups. You don't have to load a newsreader to do this; you can access them at the following URL:

If you'd like a low-bandwidth, high-information source of current security information, I suggest you subscribe to our weekly Security UPDATE newsletter. You won't find a better, more targeted newsletter for the Win2K/NT professional.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.