You just purchased the latest DELL computer, which comes pre-installed with Windows 7, McAfee antivirus software and a host of other applications. You want to connect Ethernet wire to your cable modem and start using the computer immediately. Windows is dangerously insecure when unpacked from the box, and there are a few things that you must do before you use it.
A.
New installation of Windows should be patched by installing the latest service packs and hotfixes
B.
Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc., must have the latest security patches installed
C.
Install a personal firewall and lock down unused ports from connecting to your computer
D.
Install the latest signatures for Antivirus software
E.
Configure “Windows Update” to automatic
F.
Create a non-admin user with a complex password and logon to this account
G.
You can start using your computer as vendors such as DELL, HP and IBM would have already installed the latest service packs.
I wonder why this answer is not included:
B.Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc., must have the latest security patches installed
As there are Adobe Acrobat vulnerability exits through which an attacker can gain access.
The only thing I can think of is that the question specifies, “…there are a few things that you must do before you USE it…” Technically, as soon as you work with an application, you have started USING the computer.
B. Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc., must have the latest security patches installed
Doing so is super important these days. Adobe stuff and Java are hot attack vectors.
It should be noted that they are hot attack vectors because they are extremely powerful and useful.
And nowadays it’s not necessarily needed anymore that you create a non-admin user because since Vista there is UAC and you configure it accordingly. Win 7 is better in that regard (not that annoying).
ACDEF
Isn’t mandatory to set Windows Update as automatic, since you can do the updates manually, and recently we had a few know problems with updates to windows 7 and 8, that crashed the systems. Setting to manual, you can select even the critical updates, and avoid to download patches with bugs and errors. Install recent patches in applications from Adobe, Java, Winzip etc. is MANDATORY, since this apps have some critical bugs that are discovered recently, and can give control of the system to attackers that exploit this errors.