This blog complements my book, The Essential Guide to Home Computer Security, to help you keep your home computers and smartphones secure.

Tuesday, 29 April 2014

Avoid Internet Explorer? Serious un-fixed vulnerability being exploited

Following the announcement on Saturday by Microsoft of a new remote code execution vulnerability, it tranpsires that, unsurprisingly, there are already active attempts by hackers to exploit it. If you click on a malicious website, or a website with a malicious advert or link, you are at risk. All Internet Explorer versions (6 to 11) are at risk for so-called 'drive-by' attacks.

The attack can give hackers the same user rights as the current user. So if you are logged in to your PC as an administrator the risk is compounded. As I point out in my book, it's best to use an admin account only where necessary, and certainly not for general web browsing.

Given that Microsoft is yet to issue a patch, a security update or a Fix it tool for closing the hole, one option being suggested is to avoid Internet Explorer.
Enhanced by Zemanta

Wednesday, 16 April 2014

Fake Android security app gets to top position

“Virus Shield” app became a top-selling hit, with the help of some presumably fake reviews – but does absolutely nothing. The app was apparently downloaded 10,000 times at $4 before the plug was pulled by Google. ESET have a good guide to spotting scammy apps - I particularly like the suggestion that when downloading you should think like you were shopping on eBay. And not blindly trusting 5* reviews is perhaps the hardest thought to overcome, conditioned as we are to check, and trust, reviews on sites like eBay.