As the title says “Don’t Panic!!” Instead, it is time to read up, comprehend and act to protect yourself from the latest epic security threat of 2010, titled Aurora. In the following paragraphs, we will explain (in easy to follow terms) what Aurora is, why you should care and what you should do next. Do not stop reading now! If you read even one of our articles from start to finish this year, this should be the one.
The internet has become a hostile place and it is up to you to protect yourself from the threats and attacks that WILL appear from time to time. The information and tools are there. You must simply educate yourself and be willing to invest a little time. A Threat Analyst (someone who studies these types of malicious attacks) recently posted a great comment on one of our articles that sums it up “Sorry folks, the internet isn’t very safe anymore. The moose out front should have told you.”
“Aurora” is the codename for a group of targeted malware attacks on the computers of the world. This “zero-day” attack (meaning it was meant to act fast, before anyone could respond with a security fix) has been in the news over the last few weeks and you may have heard about it. Aurora was originally thought to have exploited (or used) Adobe Acrobat Reader to infiltrate the computers of companies and individuals, but has since been linked more closely with Internet Explorer. Why Internet Explorer? Because almost every PC on the planet has a copy of Internet Explorer. (well, that might be stretching it, but you get the picture.)
This does not mean that you need to stop using Internet Explorer, or the internet for that matter. This is not the first or the last attack on a computer program. What we need to do is listen, learn and act. That is exactly what Microsoft has done and there are some security patches in place to protect you and I from this vulnerability. Microsoft has provided an in-depth Security Bulletin that summarizes the issue and details the affected software, but it is a bit confusing for the average user. Basically, it says that almost every version of Internet Explorer, from 5.01 to 8, is in need of a critical patch. That patch is available via the Windows Update tool that is available for anyone with a copy of Windows.
Act now! Before going to any other web sites and before you forget, visit the Microsoft Update service. If you have been running the standard Windows Updates (the little yellow shield that pops up in the system tray from time-to-time) you probably already have the most recent patch, which rolled out on the 27th. I checked my system and I received two patches that day that dealt with this issue. If you haven’t run the Windows Updates, you may have quite a few to install and it might be a lengthy process, but you need to see it through. It’s the only way you know you will be protected (for now) when using Internet Explorer.
Pass this information on. Your friends, family and co-workers might not be aware of these attacks or how to protect themselves. You can click on ShareThis below or simply copy and paste the URL above into an email.
What Have We Learned
- UPDATES: As we have pointed out many, many times, it is important to keep your system updated and protected. This includes Windows updates, program updates and antivirus updates. Avoid legacy versions!
- GOOD ANTIVIRUS: Some antivirus programs do much more than simply protect against viruses and may have blocked the Aurora attack.
- BACKUPS: It is possible that this attack could have wiped out some systems. If that happened to you, would your information, pictures and videos be lost forever? Make sure you are performing regular backups.