Reports surfaced earlier this week that a vulnerability had been found in Microsoft's Internet Explorer web browser, exposing users to serious malicious attacks. Today, Microsoft announced that there is a security patch available to fix the vulnerability.
The most newsworthy aspect of this story is that the security patch is available to Windows XP users. This is surprising because Microsoft officially ended support for XP on April 8th, leading many people to think, with good reason, that XP users were out in the cold on this one. Apparently, though, Microsoft decided to go ahead and give XP users the update, since the vulnerability surfaced so soon after the end-of-support date.
At any rate, we thought this would be a good time to remind our friends--especially those still running XP--of a few key tips for secure web browsing.
1. XP users should upgrade.
Don't count on Microsoft remaining charitable with security patches. The recent IE security vulnerability was such a big story because--at least in theory--the end of support means that security fixes like this one won't be available in the future, and around a quarter of the computers in the world are still running XP. If your computers are among that number, feel free to reach out to us to start strategizing an upgrade.
If you must continue to use XP, consider using another web browser, like Firefox or Google Chrome, since they will continue releasing browser security patches to XP users, at least in the short run.
2. Java is at the root of many browser security issues, including this one.
As we've written before, a good number of vulnerabilities that hackers find in web browsers have their root in the Java plugin. Users can prevent a number of attacks simply by disabling the Java plugin in their browsers.
3. Be wary of where you browse, and think about using a content filter.
Cyberattacks executed through web browsers really only happen when a user visits an infected website. While avoiding such websites may be more easily said than done, there are a few things you can look for. Many times, hackers will infect otherwise legitimate websites whose owners appear to have let their sites go to seed, so to speak. So, avoid websites that look like they haven't been updated in a while. And do not click links you receive in emails unless you are absolutely positive that you trust the sender, and that the sender is who he/she says he/she is.
Furthermore, we've found that content filters actually cut down on malware attacks by detecting and blocking infected websites--even those that do not contain objectionable content. Because they have become highly sophisticated in recent years, many filtering solutions also protect users from outdated websites that might carry malware. Feel free to contact us if you're interested in learning more about implementing a content filter.
And, as always, let us know if you have any questions. Unfortunately, these kinds of vulnerabilities are all too commonplace in the tech world. Still, with awareness and the right precautions in place, cybersecurity is attainable.