Monday Morning Cup of Coffee

This past weekend a friend sent me a link to an article detailing a tricky GMail phishing scheme that had been going around. You can read about it here. The short version is that the attacker used advanced techniques to make the address on a login page look like a legitimate Google address. It was not and entering your GMail credentials would expose them to the attacker. Google has since fixed the issue with an update to Chrome

Why bring up an old hack that has been fixed? Because it highlights the importance of keeping your operating systems and applications updated. Vulnerabilities and exploits are found all of the time and vendors are generally quick to release patches to fix those exploits. But the onus then lands on end user to install those updates. 

So what's the best way to do this at home? 

  1. Enable automatic updates in Windows. This is different for each version of Windows but this should be done automatically. It can be scheduled for the middle of the day or middle of the night - whenever is most convenient for you. 
  2. Enable automatic updates in your applications. Most apps include an automatic update feature. Popular browsers (Chrome, FireFox, Safari), Adobe products (Flash, Reader) and Java all support auto-update. 
  3. Don't ignore the auto-update prompts! I see this all the time. Generally update prompts happen when you login. A pop-up appears in the system tray at the bottom right of the task bar. Install those updates!
  4. Use a third-party update installer. The Ninite Updater is not free but it's only $9.99/yr. It doesn't patch every app but it has a list of 92 common apps that it will keep up-to-date. It will notify whenever apps need updating and a single click will get the apps done. There are other app updaters but none that I have found are as simple and effective as Ninite. 

Keep in mind that this does not guarantee 100% security but it greatly reduces the attack surface that malware uses. This is just one of the 7 layers of the security platform that we use to protect our clients but it's also an important part of securing your home computers.

If you have any questions or comments, please send me an email!

Have a great week!