exploits

Analysis of Windows Updates Shows Removing Admin Rights Could Solve Most Issues

Episode 1061

An analysis of all the patches that Microsoft released in 2013 shows that nearly 100% of all exploits and vulnerabilities could be removed if administrator rights were revoked, and users ran as a limited user.

Admin rights key to mitigating vulnerabilities, study shows (ZDNet)…
http://www.zdnet.com/admin-rights-key-to-mitigating-vulnerabilities-study-shows-7000026428/

How can I protect my computer after Microsoft ends Windows XP support?

Episode 1057

Dan from Huntington Beach, CA

Dan uses Windows XP and is worried about security once Microsoft ends support for it on April 8th. Leo says that there will only be two more security patch Tuesdays between now and April 8th and once that's done, XP will no longer be supported. Leo says that once that happens, all XP users should pull their XP computers off the Internet completely. There are bad guys who collect flaws and exploits and take advantage of holes in the system. One such nasty thing is Cryptolocker.

Rare Exploit Reported on the Mac

Episode 1009

There's a report that someone sitting at your Mac can fiddle with the clock in OS X and gain access to your system. Leo says that having physical access to a computer can create a lot of security issues. It's something to be concerned about if you're going to lunch and leaving your computer open, but 99.99% of the time, this is much ado about nothing. Just create a screen saver password that's really good, and you're golden. Even better, turn on full disc encryption (called "file vault" on the Mac) and everything is safe until you log in.

Steve Gibson and the UPnP Bug

Episode 952

Steve Gibson joins Leo to talk about the UPnP bug. It's one of the most nefarious exploits out there and the media isn't talking about it because it's just too "geeky." Security groups scanned over 4.3 Billion routers connected online, looking for a vulnerability. There are hackers probing as well. It's stunning that over 81 million are vulnerable due to a bug in the router software that will give hackers access to their personal networks. Steve advises turning off UPnP in the router settings.