We try not to post a lot about cyber attacks, but in the past month there have been two very relevant vulnerabilities identified (read our prior post about the Heartbleed Bug). We recommend for our clients to read the following and take action where needed.
A security flaw has been found in all versions of Internet Explorer (versions 6-11) and in Flash Player yesterday that needs to be addressed. The security flaw, named CVE-2014-0515, “has the potential to give hackers the same user rights as the current user. That means a successful attacker who infects a PC running as administrator would have a wide variety of attack open to them such as installing more malware on the system, creating new user accounts, and changing or deleting data stored on the target PC” ( Read more about it here).
To address this, follow these three steps on every computer that uses Internet Explorer:
1. Please update Flash Player. This includes Mac users.
2. For the time being, do NOT use Internet Explorer. If you do not have another browser currently installed, please download and install either Google Chrome or Mozilla Firefox. (Remember to change the default browser to Chrome or Mozilla)
3. If you need to access a website that you know is only compatible with Internet Explorer, please bookmark that webpage and use IE only for that webpage. Use another browser for your normal browsing.
We also recommend you change your passwords regularly (we change ours quarterly).