This week both Microsoft and AOL noted security issues which could have effected you if you use Internet Explorer or AOL.
Internet Explorer Hack
Any edition of Internet Explorer (IE) 6-11 is vulnerable to this new hack where visiting a booby-trapped site or image will allow a 3rd party user privileges to control the local computer account. The bad guys then can install malware, make new user accounts, etc. Really ugly stuff. The hack relies on Internet Explorer and Adobe Flash working together. The issue is severe enough that The US Department of Homeland Security is advising Americans from using IE until a fix is out. The best thing to do is switch browsers to Google Chrome or Mozilla Firefox. If you must use IE for a specific computer or business purpose, be sure to disable Flash. There are some more technical fixes possible, but they are complicated for the average user – see Microsoft’s website.
More info:
- Critical zero-day endangers all versions of Internet Explorer—and XP isn’t getting a fix
- Homeland Security: Don’t use IE due to bug
- Microsoft: No IE Patch For Windows XP
AOL Account Data Breach
AOL users account email addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions may have been collected by hackers who got into AOL’s systems. The issue became apparent when approximately 2% of AOL’s millions of users’ email addresses sent spoofed emails. These spoofs make it look like the mail came from you, usually with links to spam or leading to viruses to your friends. AOL is asking users to reset their password. You might also tell friends to which for any odd email from your AOL address. If you don’t have AOL, be leery of any odd email from any AOL addresses.
More info:
- AOL traces mystery spam flood to security breach; passwords and more stolen
- Millions of people still use AOL Mail. And now they have to change their passwords.
- AOL confirms email breach, tells users to change passwords
It is a dangerous tech world out there. Stay informed on any issues in security and use good computing habits. More than anything else, don’t let the hackers win! Don’t stop using tech because of such attacks; if you are smart/informed you can avoid many security issues.
[alert type=”standard”]Need some help with your technology security? Have any questions? Would you like an audit of your situation for ways it can be improved? Feel free to contact me.[/alert]