In recent times, few online security issues have worried businesses and users big time. Two security issues, in particular, have users changing their passwords and downloading updates regularly: The Heartbleed exploit an Internet Explorer control.
- Heartbleed is a security flaw impacting Web servers that use OpenSSL (Open Source Secure Socket Layer) cryptography. Cryptography is a technique to ensure a site’s safety.
- However, the security bug directly entered the system by exploiting the heartbeat extension.it basically created a pathway to see information in each heartbeat of the system operation. Once the server is infected by Heartbleed, hackers will be able to steal users’ session cookies and encrypted passwords.
- Cookies are small data bits stored in a browser, while you are surfing a site.
- Every time you visit a particular website, the Web browser notifies the server about your previous activity with the cookie. Cookies can load items you have used on a website, and store passwords and other sensitive information as well.
- According to a report, globally 17 percent of servers were susceptible to the Heartbleed exploit. A fix for the same was released on April 17, 2014, and majority of the sites have applied the fix.
- However, it is advisable to change passwords for the sites you frequently use.
- The bug did not impact The American Rental Association’s (ARA) sites since it uses a different method for SSL
- It is good to change passwords at least once every two months, whether it is for your shopping sites, financial sites, gaming sites, or social media, to prevent identity fraud or theft.
Internet Explorer Control
On April 26, 2014, another security issue involving Internet Explorer was identified. This exploit allowed a remote hacker to execute malicious code on a user’s computer.
- When a remote hacker infiltrates into the code, the person can redirect the system to follow the malicious code and not the original code. This means the hacker can control the system, use it at his own will and wish, or send spam emails.
- Unfortunately, you may never know that a hacker has gained control over your system.
- In order to be hacked by this flaw, a user would have to visit a site using the IE browser that a hacker has designed specifically to exploit this flaw. In most scenarios, a cybercriminal would send emails to users to try convincing them to click on a link that leads to an infected Web page.
- This security flaw only impacts IE versions 6 through 11. All other Web browsers are safe from this vulnerability. Microsoft has released a fix for the issue.
- While using Windows on your PC, ensure to check the updates regularly
- Windows updates are critical to download because they fix the exploited security flaws. Microsoft creates fixes for such issues that are included in the updates and issued when a problem surfaces. The Fixes are released on a weekly basis as well. Important updates are issued the moment a patch becomes available. Also, keep your anti-virus software updated.