Following the announcement on Saturday by Microsoft of a new remote code execution vulnerability, it tranpsires that, unsurprisingly, there are already active attempts by hackers to exploit it. If you click on a malicious website, or a website with a malicious advert or link, you are at risk. All Internet Explorer versions (6 to 11) are at risk for so-called 'drive-by' attacks.
The attack can give hackers the same user rights as the current user. So if you are logged in to your PC as an administrator the risk is compounded. As I point out in my book, it's best to use an admin account only where necessary, and certainly not for general web browsing.
Given that Microsoft is yet to issue a patch, a security update or a Fix it tool for closing the hole, one option being suggested is to avoid Internet Explorer.
Tuesday, 29 April 2014
Wednesday, 16 April 2014
“Virus Shield” app became a top-selling hit, with the help of some presumably fake reviews – but does absolutely nothing. The app was apparently downloaded 10,000 times at $4 before the plug was pulled by Google. ESET have a good guide to spotting scammy apps - I particularly like the suggestion that when downloading you should think like you were shopping on eBay. And not blindly trusting 5* reviews is perhaps the hardest thought to overcome, conditioned as we are to check, and trust, reviews on sites like eBay.