Testing and revealing computer security myths like these was the basis for my just-released fifth book on computer security, Professional Windows Desktop and Server Hardening (http://www.amazon.com/exec/obidos/ASIN/0764599909/infoworldcom-20). It examines all the conventional wisdom about how to defend a Windows system, finds the strengths and the flaws in each approach, and recommends practical advice that really works.

It also contains dozens of important information tables, like the one that shows more than 180 places where Windows malware can hide (http://weblog.infoworld.com/securityadviser/archives/2006/05/where_windows_m.html), and contains more than a hundred specific security recommendations, ranked by criticality. But you don't have to buy my book to get the security recommendations -- you can download the table for free from my blog (http://weblog.infoworld.com/securityadviser/archives/2006/05/how_to_secure_w.html) and put it to use right away.