Windows Secrets Newsletter • Issue 236 • 2010-03-18 • Circulation: over 400,000

By Robert Vamosi

The latest routers, security suites, and software patches can help protect your PC against today’s ever-more-sophisticated Internet attacks.

These security tools are easy to install, easy to maintain, and provide the average PC user with basic protection against viruses, botnets, Trojans, rootkits, and other types of malware.

Keeping your PC secure goes far beyond convenience — it can protect you against significant financial loss. That’s not hyperbole: according to the Internet Crime Complaint Center’s 2009 annual report (available from the IC3 site), Internet crime losses more than doubled through 2009 — to more than U.S. $559 million!

But it’s not hard to provide a reasonable level of basic security for any PC. For average PC users, the basic rule for keeping PCs secure has not changed — keep it simple, keep it up-to-date.

The WS Security Baseline summarizes the latest reviews from trusted computer test labs. The current status of these reviews will be periodically updated on the Security Baseline page at WindowsSecrets.com. (For now, that page simply redirects to this article.)

At its most basic, a PC security system can be viewed as four pillars:

• A router-based firewall
  
• An anti-malware software suite
  
• A way to stay up-to-date with security patches for both Windows and your applications
  
• A secure browser
  

Note: Windows Secrets does not have its own testing lab, so the top-rated hardware and software products shown below are based on a comprehensive review of published reports by multiple labs. These findings are for home users and small businesses; large businesses usually need more elaborate security products.

New top choice for router-based firewall

Most individual PC users get a router from their Internet service provider. But if that router needs replacing, or you want to upgrade to a faster or more-secure wireless network, the following are two fine choices:

• Linksys WRT400N: This basic wireless router, modestly priced at around $130, received high marks in a review by CNET. Other sites also lauded the device’s easy setup and strong set of basic features. This is a no-frills box, fine for most PC users.
  
  
• D-Link Xtreme N Storage Router (DIR-685): A PC Magazine review gave D-Link’s DIR-685 an Editor’s Choice award, and the router won high marks from other publications as well. A bit pricey at around $225, this innovative device includes an open bay for an optional 2.5″ internal hard drive (if you want network-attached storage) and a 3.2-inch color LCD digital picture frame — making it more than just another ugly black box. (See Figure 1.)
  
  Other DIR-685 highlights include 801.11n wireless and video streaming technology for devices and services such as xBox, iTunes, and BitTorrent. For security, the router offers not only encryption but also the ability to assign encrypted access to guests. Visit the router’s product page at D-Link for more information.
  

Figure 1. D-Link Xtreme N Storage Router (DIR-685) includes a digital picture frame to brighten your desk.

Security suites provide adequate protection

Security suites have had a mixed reputation in the past, mostly due to their deleterious effect on PC performance and because some were difficult to uninstall. But these impacts are less of a problem in the latest versions.

The benefit of a security suite for home and small-business users remains the same — one product to purchase, install, and update. A unified interface can also mean the various components are easier to access and configure than they are in a build-it-yourself suite.

UPDATE 2010-05-13: In the May 13 Top Story, Robert updates the list of top security suites, based on the latest test results by independent labs. He also includes top standalone security products advanced PC users can use to build their own suites.

Most of today’s top-rated suites cost $30 to $70 a year for protecting up to three PCs:

• In a close race, Symantec’s Norton Internet Security 2010 wins a plurality of honors as today’s top security suite. Norton Antivirus 2010 — a key component in the suite — earned high scores in a recent PC World review, where the editors noted its polished user interface. PC Magazine’s review of security suites gave Symantec’s product an Editor’s Choice award.
  
  The program pairs fine malware detection with a good range of new features such as anti-rootkit tools and behavioral analysis of new threats (which may stop a new malware app before there’s a security patch for it). The latest release continues to prove faster and less resource-hungry than previous versions, according to PCMag and other testers.
  

Beyond Symantec’s security suite, there are plenty of strong alternatives:

• McAfee Internet Security 2010 is much improved over previous years. There is an innovative new interface, and the protection is solid. Only the suite’s speed remains a lingering drawback.
  
  
• Once again, Kaspersky Internet Security 2010 is among this year’s top products. It provides solid protection against rootkits, but PC Magazine’s review noted the product’s higher-than-average list price.
  
  
• Microsoft Security Essentials is a free collection of security tools. It’s received generally good comments from Windows Secrets contributing editor Susan Bradley and senior editor Fred Langa. The consensus of testing labs such as Virus Bulletin (see below) assigns this package average malware detection and removal capabilities. Its best features are easy installation and a simple interface — which will appeal to less-technical PC users.
  

Advanced PC users can put together a custom suite of apps for little or no cost — but then again, maintaining a max-and-match set of programs is more difficult than installing a single security suite. If you’d rather assemble your own collection of security software, start by checking the findings of the following independent labs, which test components of antivirus software packages:

• AV-Comparatives.org’s list of recently tested antivirus apps.
  
• AV-Test.org’s comparison of AV test results.
  
• Virus Bulletin’s new Reactive and Proactive (RAP) test results (free registration required).
  

Sources for managing Windows and application patches

Susan Bradley and several other WS contributing editors recommend that you configure Windows’ Automatic Updates service to Notify me but don’t automatically download and install. Before installing any Windows updates, read Susan’s twice-a-month Patch Watch column (paid content) and other Windows Secrets articles to learn which patches are risky or otherwise undesirable.

The sites listed below deal with patches for Microsoft Windows, Microsoft Office, and non-Microsoft programs. The sites scan PCs and report on which applications need updating:

• Secunia: The company’s Online Software Inspector (OSI) (product page) runs in your browser, requiring no download or installation. Secunia’s Personal Software Inspector (PSI), by contrast, is a standalone program that installs on your PC (download site).
  
  If you find yourself forgetting to run either OSI or PSI after Microsoft releases its latest updates, you can sign up for Secunia’s automatic reminders.
  
  Currently in beta, Secunia’s Corporate Software Inspector (CSI) for enterprises is described on its product page.
  
  
• Shavlik: The company has migrated its update service away from the Google Desktop (which some analysts considered a privacy risk) and into its own site. As of this writing, the redesigned site can scan your PC for missing patches. New features — still under construction as of this writing — will let Shavlik automatically fix any problems it finds.
  
  
• Belarc Advisor: This free utility is downloaded from the vendor’s site. The program’s interface isn’t pretty, but Belarc does the job.
  
Finding the latest on browser vulnerabilities

The many remote attacks on Microsoft’s Internet Explorer over the years have pushed PC users to alternate browsers. Even those apps, however, can also have security vulnerabilities.

Secunia’s March 11, 2010, Firefox 3.6.x advisory page lists a significant vulnerability in the browser, for example. However, the lack of details concerning the flaw has led some people to suspect there’s no real problem. Lucas Adamski of Mozilla Security posted a comment on Secunia’s site, stating that Mozilla has received neither details of the vulnerability nor any direct contact from the discoverer.

For added safety when using Firefox, download the donationware NoScript add-on, available from the vendor’s site. This extension automatically blocks JavaScript and Adobe media files on a site-by-site or source-by-source basis, allowing you to override the blocks as needed. NoScript can also thwart clickjacking attempts and other Web nasties.

Secunia’s report on Google’s Chrome 4.x lists no unpatched security issues — which would appear to give Chrome a bit of a security edge over Firefox, at least for the moment.

In contrast, Secunia states on its IE 8 page that Microsoft has addressed only four of nine open security holes as of March 11, 2010.

Even if you don’t use IE for browsing, though, various important Windows services use Internet Explorer, so you must keep it updated.



Have more info on this subject? Post your tip in the WS Columns forum.


WS contributing editor Robert Vamosi was senior editor of CNET.com from 1999 to 2008, writing pieces such as Security Watch, the winner of the 2005 MAGGIE Award for best regularly featured Web column for consumers.