Archive

Archive for the ‘online safety’ Category

Experts: Don’t blame the victims of youth ‘selfies’

It’s a mistake to blame young people who take sexually explicit photos or videos of themselves when those images end up being redistributed over the Internet, according to experts who gathered in London this week to discuss a new study by the U.K.-based Internet Watch Foundation (IWF).

It’s also a mistake to assume that the images, sometimes referred to as “selfies,” were taken voluntarily by the children who appear in them.

Researchers analyzed sexually explicit pictures taken and supposedly shared by young people, and found that 89.9 percent of the images had been “harvested” from their original upload location and posted to other public sites. Moreover, 100 percent of the images the IWF analyzed depicting children 15 and younger were harvested and posted somewhere else.

The IWF study, which was conducted late last year and funded by Microsoft, analyzed 3,803 photos and videos that were believed to be of children and youth ranging from infants to 20 years old.

“What the IWF went to seek and what they found are quite different,” said Tink Palmer, Chief Executive Officer of the Marie Collins Foundation and moderator of a panel discussion about the emotional and behavioral aspects of producing such images. “We need to focus on definitions and understand that every picture tells a story about what’s happening to the children.”

Microsoft funded the IWF to repeat and expand similar research done three years ago. IWF’s 2012 study found that of the 12,000-plus images taken and shared by youth and examined by the IWF, 88.15 percent had migrated to “parasite websites” where people sometimes paid to download them. As part of our child online protection strategy, Microsoft was interested in learning whether the 2012 trend was continuing, and whether there was more to be gleaned regarding the content’s commercial availability.

What the IWF learned from the new study, however, was very different. The 2014 set of supposed selfies featured much younger children, thus making it all but impossible to refer to the images as “self-produced.” Indeed, experts agreed the latest content could be divided into three categories: (1) truly self-generated, (2) by-products of online “grooming,” and (3) results of outright coercion or “sextortion.”

“With the under 10 (year olds), we have to believe something coercive is going on,” said Professor Sonia Livingstone of the Department of Media and Communications at the London School of Economics. “It’s just another way that an already at-risk group is being further victimized.”

IWF was unable to ascertain (nor was such a determination in scope) the category into which each image might fall. The latest results are shocking and disturbing because of the younger-aged children and the heightened explicit sexual nature of the acts. In 2012, not a single image included a child believed to be 13 or younger, IWF said.

The London event, co-hosted by IWF and Microsoft, featured a second panel where experts discussed guidance for parents and educators, as well as ongoing technological efforts. The group offered advice for parents about webcams and how they operate, noting they’re no longer “a device that balances on top of a computer monitor.” They also called out simple messages for children, including “privates are private” and “speak up and tell someone” if something or someone makes them uncomfortable online or elsewhere. The event brought together 100 policymakers, child safety advocates, technology industry representatives and others to discuss the findings and to begin to chart a way forward.

All agreed the research indicated that different analyses and potential mitigation paths were required for the images involving older children versus those featuring children under 13. IWF agreed. “It is indisputable that coercion of young people to produce and/or share sexual content online must be referred to as a form of child sexual abuse,” said Sarah Smith, IWF’s lead researcher on the project. The content produced by the older age groups, meanwhile, could be regarded as more traditional “sexting.”

For our part, Microsoft will seek to create and deploy appropriate technology to help address the issue. In fact, as part of the U.K. government’s #WePROTECT Children Online initiative, Microsoft is leading a technology project about self-generated indecent images among youth. In addition, we will continue to raise awareness, help educate the public, and continue to partner with organizations like the IWF to ensure strategies and proposed “solutions” are research-based. Microsoft has agreed to again sponsor similar research by the IWF this year.

To read Part 1 of this two-part blog, which focuses on the study results and some Microsoft suggested guidance for parents, click here. To learn more about staying safer online generally, see this website.

 

 

 

 

Part 1: New data on youth “nudes” show disturbing trend

Young people around the globe are taking and sharing nude photos and videos of themselves, and the phenomenon appears to be occurring among younger and younger age groups, according to results from a new study sponsored by Microsoft.

Data released today by the UK-based Internet Watch Foundation (IWF) show 17.5 percent of the more than 3,800 sexually explicit photos and videos analyzed by IWF late last year were produced by young people believed to be under the age of 15. Meanwhile, 7.5 percent, or 286 images, were assessed as featuring children 10 or younger.

Even more startling is the severity of the content. The majority (72.4 percent) of the images depicting individuals believed to be 16-20 years old was classified as “Category C,”[1] with 27.6 percent deemed “Category B or A.” In sharp contrast, 46.9 percent of the images analyzed as featuring children 15 and under constituted Category A and B.

Print“The findings tell a distinctively different story from the research conducted in 2012,” said IWF Chief Executive Officer Susie Hargreaves. “However, our message around the ease at which content can be ‘lost’ online remains the same. Ninety percent of the imagery had been taken from its original upload location and copied to somewhere else. Whilst the 2012 study provided valuable insight into the increasing accessibility of sexual content depicting young people, this research reveals younger children and in some cases more explicit sexual behavior than we previously saw.”

Indeed, 85.9 percent of the images and videos assessed as depicting youth under 15 were taken via webcam captures from a personal computer or laptop. Just 8.5 percent were taken with a mobile phone, challenging the belief that the majority of “sexting” photos are captured via cell phone. IWF reported that, among this age group, 1.8 percent of the images were shot with a traditional digital camera.

I first learned of IWF’s work analyzing “indecent self-generated imagery among youth” some 18 months ago when Microsoft was refreshing its child online protection strategy. As noted, IWF had conducted a similar study in 2012 when it reviewed more than 12,000 nude images and videos taken and shared by youth. Those results showed that 88.15 percent of the content had migrated to so-called “parasite websites” where people downloaded the images, sometimes for a fee, and in all instances probably unbeknownst to the original explicit selfie-taker. IWF stresses there was “not a single instance” three years ago where a child was assessed as being 13 years of age or younger.

We approached IWF to see if the research had been repeated or was set to be re-run. An opportunity for collaboration emerged and the current research’s photos and images were analyzed over September, October and November 2014. We asked, in particular, that IWF examine the commercial aspects of the data given the 2012 results. A piece of “good news” from the current study is that only 1.7 percent of the 2014 data-set was assessed as being “commercially available.”

Parents who may be aware of this pattern of youth behavior are often confused by it. Others are hard-pressed to believe their kids would take part. To get some perspective, we’ve produced a new factsheet and offer some general guidance:

  • Talk to kids. Ask what they do online—favorite sites, games and activities. Be inquisitive, not judgmental. Let what’s learned serve as a basis for “house rules” on technology and web use.
  • Get help from technology. Family safety settings can help block harmful content, limit information-sharing and manage website access. Tell your children if you use these features and explain they’re intended to help keep them safe.
  • Discuss sexting—even if it’s uncomfortable. Start conversations early, and talk about peer pressure to sext. Listen for signs of coercion. Discuss risks and keep perspective.

To launch the research, Microsoft and IWF are co-hosting an event today at our London offices. “Youth selfies: The real picture – New insights and a way forward,” is bringing together parents, educators, policymakers and others to hear the data and discuss possible tools and resources. In Part 2 of this two-part blog, I’ll recap the event, perspectives shared and advice given. Meantime, to learn more about online safety generally, please visit this website.

[1] IWF’s category classifications are set out in the UK Sentencing Council’s Sexual Offences Definitive Guideline. Category C is defined as no sexual activity, but a prominent focus on the naked genitalia of the individuals shown. Category B includes sexual activity shy of any actual sex act, while Category A includes sex acts and other highly graphic sexual displays.

Safer Internet Day 2015: This year, “Do 1 (More) Thing” to stay safer online

February 10th, 2015 No comments

One year ago today, Microsoft asked people across the globe to #Do1Thing to stay safer and more secure online by taking what may have been a first step toward safeguarding their digital lifestyles. Today, on Safer Internet Day 2015, we want everyone to add to last year’s pledges and #Do1MoreThing to become cyber savvy. In addition, we’re launching new interactive resources for young people on the Microsoft YouthSpark Hub to further encourage safer online habits and practices.

Our goal is to help educate, engage and inspire people to better protect themselves and others online –all rooted firmly in the spirit of the Safer Internet Day 2015 theme: “Let’s create a better Internet together.” The hope is that each person’s one (more) thing will become a long-lasting best practice that will be shared with others and, in turn, lead to an ever-increasing number of safer online behaviors. Research shows that such effects can help create safer online experiences for every individual and a more secure online ecosystem for all.

privacy_IconLast year, some of the most popular “1 Thing” pledges included positive practices such as always using a four-digit PIN (personal identification number) to lock mobile devices; promises to convert to and use “strong” passwords for all devices and accounts and trying to refrain from constant phone-checking and instead “be present” in personal interactions. This year, visitors to the new online safety section of the Microsoft YouthSpark Hub may be further inspired by other online safety tips and ideas as well. One of my favorite parts of the new website is the opening section, designed to pull young people into the site, calling on them to: “Be awesome in real life and online.” From there, youth can explore comic strips, respond to polls and quizzes, and learn interesting facts and figures.

In addition, Microsoft is proud to again help sponsor the official U.S. Safer Internet Day 2015 event being held today in California. Managed by ConnectSafely.org, “Safer Internet Day 2015: Actions & Activism Toward a Better Net and World” is bringing together youth leaders, educators, policymakers, parents, Internet safety experts and representatives from the technology industry to focus not just on problems, but also on solutions for building a safer and better Internet.

When asked about this year’s theme, Larry Magid, co-director of ConnectSafely.org said Safer Internet Day’s “Let’s create a better Internet together” theme “reminds us that online and mobile safety are much more than just the absence of danger, but the presence of positive actions to improve not just the Internet but the world at large. It’s also a recognition that we’re in this together. Everyone— kids, parents, young adults, seniors, corporations, organizations and governments—has a stake and a role to play in making the Internet an even better tool for empowering the world’s citizens.”

Building on its near 20-year history in online safety, Microsoft remains committed to doing its part to help grow and shape a better and safer Internet for youth and, indeed, everyone.

For more information about staying safer and more secure online, I invite you to visit this site.

Get security updates for September 2014

September 9th, 2014 No comments

Microsoft releases security updates on the second Tuesday of every month.

How to check for the latest updates.

This bulletin announces the release of security updates for Windows, Microsoft Office, and other programs.

To get more information about security updates and other privacy and security issues delivered to your email inbox, sign up for our newsletter.


 

 

 

Get security updates for September 2014

September 9th, 2014 No comments

Microsoft releases security updates on the second Tuesday of every month.

How to check for the latest updates.

This bulletin announces the release of security updates for Windows, Microsoft Office, and other programs.

To get more information about security updates and other privacy and security issues delivered to your email inbox, sign up for our newsletter.

 

 

 

 

Congratulations! You’ve won $800,000!!

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)

  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)

  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)

  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed. 

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story. 

Congratulations! You’ve won $800,000!!

September 2nd, 2014 No comments

Well, maybe not.

But that’s just one of the many ploys that scammers send in their relentless efforts to part people from their money or sensitive personal information like passwords and account numbers.

Microsoft is asking people to take a survey of their experience with online fraud—what kinds of scams they’ve encountered (including those on mobile devices and Facebook), how concerned they are about online or phone fraud, and what steps they take to protect themselves.

In 2012, Microsoft fielded its first such study, interviewing 1,000 US residents to understand their exposure to, and perception of, online fraud and scams.

Respondents reported having encountered roughly eight different scams on average, with these as the top four:

  • Scams that promise free things or coupons (44 percent)
  • Fake antivirus alerts that imitate real programs offering virus repair but that download malware instead (40 percent)
  • Phishing scams using fake messages that mimic those of trusted businesses to trick people into revealing personal information (39 percent)
  • Fraud that features a request for bank information or money upfront from someone (such as a “foreign prince”) who needs help transferring large sums of money for a cut of the total (39 percent)

In the new survey, we’re interested in how scams and responses to scams might have changed since 2012. Are there different scams? What are the most common? Where are they most often occurring—on mobile devices? On Facebook?

Results of our last survey showed that nearly everyone (97 percent) took steps to safeguard their computers, but more than half (52 percent) did nothing at all to protect their mobile devices. So we’re particularly interested to see if these numbers have changed.

You can help us fight online scams and fraud by taking our survey.

We will release the results of the survey during National Cyber Security Awareness Month this October. Follow the hashtag #NCSAM to read the story.

5 passwords you should never use

August 29th, 2014 No comments

This is part three of three posts on stronger passwords.

Part 1: Create stronger passwords and protect them

Part 2: Do you know your kids’ passwords?

The news is filled with stories about hackers cracking passwords. You can help avoid being a victim by never, ever using these passwords:

  1. Password. Believe it or not, this is still a common password. Don’t use it.

  2. Letmein. We recommend that you use passphrases that are memorable. Just don’t use this one. It ranks high on several lists of the most-used passwords.

  3. Monkey. This common word appears on many lists of popular passwords. It’s also too short. Make passwords at least eight characters—the longer the better.

  4. Your pet’s name. While you’re at it, don’t use any passwords that can be easily guessed, such as the name of your spouse or partner, your nickname, birth date, address, or driver’s license number.

  5. 12345678. Avoid this and other sequences or repeated characters such as 222222, abcdefg, or adjacent letters on your keyboard (such as qwerty).

Bonus password tips

Don’t use the same password for multiple sites. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

Change your passwords regularly, particularly those that safeguard your computer, important accounts (like email or Facebook), and sensitive information, like financial and health data.

For more password guidance, see Create strong passwords.

 

5 passwords you should never use

August 29th, 2014 No comments

This is part three of three posts on stronger passwords.

Part 1: Create stronger passwords and protect them

Part 2: Do you know your kids’ passwords?

The news is filled with stories about hackers cracking passwords. You can help avoid being a victim by never, ever using these passwords:

  1. Password. Believe it or not, this is still a common password. Don’t use it.
  2. Letmein. We recommend that you use passphrases that are memorable. Just don’t use this one. It ranks high on several lists of the most-used passwords.
  3. Monkey. This common word appears on many lists of popular passwords. It’s also too short. Make passwords at least eight characters—the longer the better.
  4. Your pet’s name. While you’re at it, don’t use any passwords that can be easily guessed, such as the name of your spouse or partner, your nickname, birth date, address, or driver’s license number.
  5. 12345678. Avoid this and other sequences or repeated characters such as 222222, abcdefg, or adjacent letters on your keyboard (such as qwerty).

Bonus password tips

Don’t use the same password for multiple sites. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

Change your passwords regularly, particularly those that safeguard your computer, important accounts (like email or Facebook), and sensitive information, like financial and health data.

For more password guidance, see Create strong passwords.

 

Do you know your kids’ passwords?

August 27th, 2014 No comments

This is the second of two blog posts on password protection. Read Part 1: Create strong passwords and protect them.

Whether or not you should know all of your kids’ passwords depends on their age, how responsible they are, and your parenting values.

However, kids of any age and responsibility level need to know how to create strong passwords and how to protect those passwords.

Sharing is great, but not with passwords

Your kids should never give their friends their passwords or let them log on to their accounts. Also, be careful sharing your passwords with your kids.

3 strategies for strong passwords

  • Length. Make your passwords at least eight (8) characters long.

  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.

  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

For more information, see Help kids create and protect their passwords.

Do you know your kids’ passwords?

August 27th, 2014 No comments

This is the second of two blog posts on password protection. Read Part 1: Create strong passwords and protect them. Whether or not you should know all of your kids’ passwords depends on their age, how responsible they are, and your parenting values. However, kids of any age and responsibility level need to know how to create strong passwords and how to protect those passwords.

Sharing is great, but not with passwords

Your kids should never give their friends their passwords or let them log on to their accounts. Also, be careful sharing your passwords with your kids.

3 strategies for strong passwords

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

For more information, see Help kids create and protect their passwords.

Create stronger passwords and protect them

August 25th, 2014 No comments

All week we’ll be posting our best guidance on how to create, protect, and manage your passwords.

Passwords are your first line of defense against hackers. Pick passwords that are difficult to crack but easy for you to remember.

What does “difficult to crack” mean?

Each time cybercriminals hack into a database of passwords, they learn more about the kinds of passwords that people use. (Come back on Friday to read Part 3 of our password series on what passwords you should never, ever use.) Now, even passwords that we think are tricky can be guessed by cybercriminals who’ve harnessed the right technology to crack passwords.

The best passwords are the most unpredictable

Stuart Schechter and other colleagues from Microsoft Research have developed a free online tool that helps you avoid passwords that are predictable. Try the tool.

A strong password:

  • Contains at least eight characters.

  • Does not contain your user name, real name, or company name.

  • Does not contain a complete word.

  • Is significantly different from previous passwords.

  • Is different from passwords that you’ve used on other websites.

Get more advice on how to create strong passwords.

6 ways to protect your password

Once you’ve chosen a strong password, you can protect it from hackers by following a few simple rule:

  1. Don’t share your password with friends.

  2. Never give your password to people who call you on the phone or send unsolicited email, even if they claim to be from Microsoft.

  3. Change your password regularly.

  4. Tell your children not to share your passwords (or theirs) with anyone. Check back tomorrow for more guidance on how to help kids create and protect their passwords.

  5. Evaluate password managers and other password tools carefully.  If they keep all your passwords in the cloud, they should use encryption. If the service has problems, understand that you might be locked out of your accounts.

  6. Enable two-step verification. Two-step verification uses two ways to verify your identity whenever you sign in to your Microsoft account. Two-step verification is optional, but we recommend that you use it. Learn how to turn it on.

Learn more about how to protect your passwords.

Create stronger passwords and protect them

August 25th, 2014 No comments

All week we’ll be posting our best guidance on how to create, protect, and manage your passwords.

Passwords are your first line of defense against hackers. Pick passwords that are difficult to crack but easy for you to remember.

What does “difficult to crack” mean?

Each time cybercriminals hack into a database of passwords, they learn more about the kinds of passwords that people use. (Come back on Friday to read Part 3 of our password series on what passwords you should never, ever use.) Now, even passwords that we think are tricky can be guessed by cybercriminals who’ve harnessed the right technology to crack passwords.

The best passwords are the most unpredictable

Stuart Schechter and other colleagues from Microsoft Research have developed a free online tool that helps you avoid passwords that are predictable. Try the tool.

A strong password:

  • Contains at least eight characters.
  • Does not contain your user name, real name, or company name.
  • Does not contain a complete word.
  • Is significantly different from previous passwords.
  • Is different from passwords that you’ve used on other websites.

Get more advice on how to create strong passwords.

5 ways to protect your password

Once you’ve chosen a strong password, you can protect it from hackers by following a few simple rule:

  1. Don’t share your password with friends.
  2. Never give your password to people who call you on the phone or send unsolicited email, even if they claim to be from Microsoft.
  3. Change your password regularly.
  4. Tell your children not to share your passwords (or theirs) with anyone. Check back tomorrow for more guidance on how to help kids create and protect their passwords.
  5. Evaluate password managers and other password tools carefully.  If they keep all your passwords in the cloud, they should use encryption. If the service has problems, understand that you might be locked out of your accounts.

Learn more about how to protect your passwords.

What is a trusted device?

August 14th, 2014 No comments

When you try to view or edit your credit card details or other sensitive information in your Microsoft account, you might need to enter a security code first, to make sure that only you can get in to your account. But you can designate a computer or other device as a trusted device. On trusted devices, you don’t need to enter a security code each time you try to access sensitive information.

How many trusted devices can I have?

You can trust as many devices as you want. There is no limit. If you don’t sign in to a particular trusted device at least once every two months, it’s automatically removed from your Microsoft account. This safeguard helps keep your account more secure in the event that a trusted device is lost or stolen without you realizing it. You can always trust a device again later.

If you get an error, see how to sign into devices that don’t accept security codes.

9 ways to stay safe online this summer

July 17th, 2014 No comments

Summer is in full swing. Here are our best safety and security tips for the season.

  1. Don’t broadcast vacation plans on your social networking sites. If you’re leaving your home unoccupied and at risk for potential burglary, you might want to wait to post your vacation photographs until you return home. Get more tips for email and social networking safety.

  2. Limit who knows your location. Before you go on vacation, take a few minutes to adjust settings for sharing your location on your social networking sites and any apps on your smartphone. If you have kids who go online, make sure they know this, too. For more information, see Use location services more safely.

  3. Set computer and device rules for when you’re not around. If your kids are old enough to stay home alone when they’re not at school, make sure you talk to them about Internet safety. Download our tip sheet for pointers to jump-start—or continue—online safety conversations.

  4. Learn how to use parental controls. All Microsoft products include built-in privacy controls and safeguards that put you in charge of your children’s entertainment experiences and allow you to customize how personal information is, or is not, shared. Get step-by-step guidance on how to switch on safety settings across Microsoft technology and devices at home.

  5. Stay safe when playing games online. If your children’s summer sport of choice is the Xbox, Xbox One, Kinect, or other online or console game, learn about the core family safety features of Xbox One and find other ways to help kids play it safe.

  6. Update your software on your laptop or tablet. Before you go on vacation, make sure all your software is updated, to help prevent problems caused by hackers. If your laptop is still running Windows XP, read about the end of support for Windows XP.

  7. Check the security level of public Wi-Fi networks before you use them. Choose the most secure connection—even if that means you have to pay for access. A password-protected connection (ideally one that is unique for your use) is better than one without a password. Both Windows 7 and Windows 8 can help you evaluate and minimize network security risks.

  8. Avoid typing sensitive information on your laptop using an unsecured wireless connection. If possible, save your financial transactions for after your summer vacation on a secured home connection. For more information, see How to know if a financial transaction is secure.

  9. Watch out for suspicious messages from your friends on vacation asking for money. This is a common scam cybercriminals use when they’ve hacked into someone’s account. Find a different way to contact your friend. Learn more about scam email messages.

Trouble installing updates? Might be a case of bad timing

July 10th, 2014 No comments

This week we released security updates for the Windows operating system. If you have automatic updating turned on, your updates have probably already been downloaded and installed for you.

Learn how to get updates automatically

Even if you have automatic updating turned on, you might see an error message telling you that your updates were not installed.

Some errors are simply a matter of bad timing. Sometimes your updates don’t install because the website is too busy or you’re using a slow connection. You can usually fix these problems by trying to install the updates again.

For more information about solving connection problems, see:

Get advance notice about July 2014 security updates

July 3rd, 2014 No comments

Today, the Microsoft Security Response Center (MSRC) posted details about the July security updates.

If you have automatic updating turned on, most of these updates will download and install on their own. Sometimes you may need to provide input for Windows Update during an installation. In this case, you’ll see an alert in the notification area at the far right of the taskbar—be sure to click it.

In Windows 8, Windows will turn on automatic updating during setup unless you choose to turn it off. To check this setting and turn on automatic updating, open the Search charm, enter Turn automatic updating on or off, and tap or click Settings to find it. 

Learn how to install Windows Updates in Windows 7.

If you are a technical professional

The Microsoft Security Bulletin Advance Notification Service offers details about security updates approximately three business days before they are released. We do this to enable customers (especially IT professionals) to plan for effective deployment of security updates.

Sign up for security notifications

Get security updates for May 2014

May 13th, 2014 No comments

Microsoft releases security updates on the second Tuesday of every month.

Skip the details and check for the latest updates.

This bulletin announces the release of security updates for Windows, Microsoft Office, and other programs.

To get more information about security updates and other privacy and security issues delivered to your email inbox, sign up for our newsletter.

Tax scams: 6 ways to help protect yourself

March 20th, 2014 No comments

We’ve received reports that cybercriminals are at it again, luring unsuspecting taxpayers in the United States into handing over their personal information as they rush to file their taxes before the deadline.

Here are 6 ways to help protect yourself.

1.     Beware of all email, text, or social networking messages that appear to be from the IRS. Cybercriminals often send fraudulent messages meant to trick you into revealing your social security number, account numbers, or other personal information. They’ll even use the IRS logo. Read more about how the IRS does not initiate contact with taxpayers by email or use any social media tools to request personal or financial information.
2.       Use technology to help detect scams. Scams that ask for personal or financial information are called “phishing scams.” Internet Explorer, Microsoft Outlook, and other programs have anti-phishing protection built in. Read more about identity theft protection tools that can help you avoid tax scams.
3.       Check to see if you already have antivirus software. If a cybercriminal does fool you with a tax scam that involves downloading malware onto your computer, you might already be protected by your antivirus software. If your computer is running Windows 8, you have antivirus software built in. Download Microsoft Security Essentials at no cost for Windows 7 and Windows Vista. 
4.       Make sure the website uses secure technology. If you’re filing your taxes on the web, make sure that the web address begins with https, and check to see if a tiny locked padlock appears at the bottom right of the screen. For more information, see How do I know if I can trust a website and What is HTTPs?
5.       Think before you download tax apps. Download apps only from major app stores—the Windows Phone Store or Apple’s App Store, for example—and stick to popular apps with numerous reviews and comments.
6.       Be realistic. If it sounds too good to be true, it probably is. From companies that promise to file your taxes for free, to websites that claim you don’t have to pay income tax because it’s unconstitutional—keep an eye out for deliberately misleading statements.

The best time to change your password is now

January 30th, 2014 No comments

You can reduce your chances of being hacked by regularly changing the passwords on all the accounts where you enter financial or other sensitive information. Set an automatic reminder to update passwords on your email, banking, and credit card websites every three months.

Different sites have different rules for passwords that they’ll accept, but here is some basic guidance on how to create strong passwords:

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) upper and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites.

Learn more about how to create strong passwords and protect your passwords.

If you think someone has gone into your account and changed your password, learn how to recover a hacked account.