Earl said:
OK, I have automatic updates turned on so that I am notified when
updates have been downloaded, leaving it to my option as to say go
ahead and install them. What's to prevent some hacker from sending
out "updates" disguised as coming from Microsoft? In other words,
is the update section of XP, or any other version, geared to
authenticate the received updates are in fact from Microsoft?
I did have automatic updates turned off and I would periodically
visit MS to download updates. However, with updates turned off,
all the settings I did to stop those constant reminders about my
update status never worked.
Automatic updates are handled essentially in the same way that your web
browser uses to visit web sites. That means you're not "opening up" any
additional vulnerabilities by enabling automatic updates. There are also
checks and balances throughout the updating process - things are not just
'willy-nilly' installed - no matter what your setting. I would say your
risk is greater clicking on an emailed attachment, not being behind a
firewall or visiting a malicious web site.
Is it possible?
Yeah - someone I guess could hack into your computer - change it if they
knew enough, get you to download from elsewhere, get passed the checks and
balances and start pushing things to your machine. That's one of the
reasons why I recommend setting your automatic updates to "Download and
Notify" - then you can do a custom install and view everything you are about
to install and check on the validity/need for each update.
