Wednesday, December 29, 2010

Are you still using Internet Explorer 6?

You could be rolling out a red carpet invitation to malware if you're continuing to use Internet Explorer 6.

Internet Explorer 6 was released in 2001. IE6 was a big improvement over IE5, but it was never regarded as a highly secure browser. Over time, its exploitation by malware writers has become almost legendary, while web developers have long decried the difficulty of creating websites that are compatible with IE6 without degrading the experience of users who are utilizing more modern browsers.

Many computer users have switched over to alternate browsers for their primary web surfing needs; however, there are some sites that may not render properly in those browsers, and that's when Internet Explorer is useful, even if it's not your primary browser of choice. Therefore, even if Internet Explorer is not your primary browser, it's very likely to be your secondary browser. As such, you should be using the most secure version of Internet Explorer available, and that version isn't IE6.

Vista came with IE7 and Windows 7 with IE8, and now Internet Explorer 9 has been released to excellent reviews, so much better choices than IE6 are available. Unfortunately, many XP users, for some unknown reason, still cling to IE6... even some users who have updated XP to Service Pack 3 are still slogging along with IE6, perhaps because it came with Windows XP or perhaps because they just don't realize the dangers inherent in using this obsolete browser. Although XP users cannot upgrade to IE9, they certainly can and should install IE8.

Recently, Google started phasing out support for IE6 for their various services, including YouTube. A vulnerability in IE6 was exploited by hackers who used it to launch a cyberattack against Google and other companies. Governments in China, France, Germany, and other countries as well, have advised users to move from IE6 to a more secure browser.

Microsoft will continue to support IE6 on XP computers with SP3 installed. However, there are plenty of hackers and malware writers who will view IE6 users as easy prey and will therefore continue to search for and take advantage of the vulnerabilities in this obsolete browser.

Remember, Microsoft has made better and more secure browsers available for your use, so take advantage of their availability and use them: If your operating system is Windows XP, then IE8 should be your Internet Explorer choice. If your operating system is Vista or Windows 7, you should install IE9.,9737.html

Surf smart.

Jane Edwards, MS-MVP
Consumer Security 2006 - 2011

Friday, April 9, 2010

Attention XP and Vista Users!


If you are running a version of Windows that will soon be unsupported, you need to be aware that once an operating system is no longer supported there will be no further Microsoft Updates issued for that operating system. If you are running XP SP2, or running Vista with no Service Packs installed, be forewarned that those unpatched operating systems will soon become prime targets for malware infestations unless you take steps to bring them up to date by installing the required Service Pack for your system.

What Does End of Support Mean?

Support for Windows Vista without any service packs will end on April 13, 2010. To continue support, make sure you've installed Windows Vista SP2.

Support for Windows XP with Service Pack 2 (SP2) will end on July 13, 2010. To continue support, make sure you've installed Windows XP Service Pack 3 (SP3).

IMPORTANT: The above mentioned Service Packs should only be installed on a malware free computer.

NOTE: 64 bit Windows XP SP2 will still receive security updates as there is no SP3 for 64 bit XP.

Support for Windows XP SP1 ended on October 10, 2006.

So, if you haven't updated to the latest available Service Pack for your operating system, DO IT NOW!

Jane Edwards, MS-MVP
Consumer Security 2006 - 2011

Saturday, January 30, 2010

So, how's your antivirus doing?

If your antivirus is outdated and/or your subscription to virus definition updates has expired, do not make the mistake of thinking that as long as the antivirus product's icon is showing up in your system tray your computer is protected, nor should you lull yourself into thinking all is well because you scan your computer regularly with your outdated/expired antivirus.

Some people manage to convince themselves that they don't need an antivirus because they're "careful." They don't go to "bad" sites. They never open an e-mail attachment unless they know the person who sent it, and so on. Well, sorry... although those are all good practices, none of those things are enough to keep you safe without the use of a good antivirus. Every system needs an antivirus... an active antivirus. If you are running the same antivirus product that came with your three-year-old computer when it was brand new, and the subscription for virus definitions expired ages ago, you need to take action, NOW!

There are good paid antivirus products on the market and several free ones as well. I would advise that before you make your final selection you search the internet for reviews and opinions by everyday users of the various products. Paid ads are meaningless when making such selections.

You should also install a good antimalware product... one that can catch the things that an antivirus may not be designed to catch, such as spyware, adware, and various trojans. While a computer virus is malware that can copy itself and infect a computer without the permission or knowledge of the owner, trojans, just like the one in the Trojan War for which they are named, do not just come barging into your computer with a full frontal attack, they instead trick you into opening your gates and bringing them inside. Once inside, they do their dirty work.

New malware infections are discovered every hour of every day. Antivirus companies write "definitions" (like vaccine) for those infections as quickly as possible; however, it is understandably extremely difficult to create a definition to stop an infection that has not yet been created. Many antivirus developers try to do this to a certain degree by using heuristics, whereby the antivirus product looks for certain "earmarks" and, if found, may sound an alert and/or quarantine the suspicious file. It is not advisable to make these heuristics overly sensitive, lest they begin to erroneously identify good files as bad files.

It is important that we do not regard our antivirus and/or antimalware products as bullet-proof protection against any and all malware, as that only serves to give us a false feeling of security and makes us much more vulnerable to malware attacks. There is no antivirus, nor security suite, nor antimalware product that can protect us against the biggest danger faced by any computer... the person sitting in front of the keyboard. We must, therefore, be ever vigilant.

If you have a preference for a particular antivirus product, then use that one. Personally, I like an antivirus that is not bloated and has a small "footprint." If an antivirus slows my computer down, or is too intrusive, then that one is not for me. Use the one you like, but whichever one you choose, no matter how good it is, it will immediately become useless if its definitions are not kept up to date, so the subscription must never be allowed to elapse.

Surf safely.

Let's backup that data!

So, are you backing up your data? No? Why not? It's not really that hard to do and it can save you a world of misery.

Why do you need to back up your data? Well, it's because sooner or later some calamity will befall your computer and your data may be lost, corrupted, compromised, or just plain unavailable. There can be a number of reasons for this... perhaps you have a hardware failure, e.g., your hard drive dies. Maybe your operating system becomes corrupted, or your files cannot be accessed due to malware taking over your computer. Regardless of the reason, the outcome will be much happier if you have been backing up your data on a regular basis. If all else is lost, but you still have your data, it can easily be restored to a freshly formatted drive, a new hard drive, or even a new computer if it comes to that.

What's the best way to back up your data? That depends... you have to decide what method works best for you, and what suits your wallet as well.

Online Storage works well for those whose data is subject to frequent changes... you're always editing it or adding to it. Services, such as Carbonite and Mozy for example, can provide you with ample storage and automated backup and restore capability for a relatively low cost.

Network Attached Storage, or NAS, is something you may want to consider if you have multiple computers that require backing up. A NAS drive has a processor and will also have its own operating system. This device will allow all your computers to backup their data as well as share their data. It can also be set to perform automatic backups, which is a big plus.

An External Hard Drive may meet your needs if your data does not change frequently and/or you do not have the need to backup data from multiple computers. An external hard drive can simply be connected to a USB port on your computer and you can add your files to it as often as needed.

CD, DVD, or USB Flash Drive storage is adequate for smaller amounts of data. It's a simple matter to just drag and drop your files to the CD, DVD, or USB Flash Drive. This is a quick way to handle small amounts of data but isn't practical if you have gigabytes of frequently changing data.

Decide which method is the best one for you... or you may want to use a combination of methods. Whatever you decide, just make sure that it's something that's easy and convenient for you to use. The best backup media in the world will be completely useless if it's not the one that's right for you.

Remember, if you can't or won't use it, it's a poor investment.