Posts Tagged ‘separate browser’

Friday, December 30, 2011 @ 02:12 PM gHale

After installing operating systems, most individuals rush to install applications that help them browse the web.

While quite a few users believe components such as Flash and Java are the only apps that allow access to certain content. With Flash and Java falling victim more frequently to forms of cyber attacks, there are safer, more secure, alternatives.

RELATED STORIES
Java Holes Bring Quick Exploits
Black Hole Kit Exploiting Java
Exploits Team on Java
Hackers Rejoice: Trouble Brewing with Java

There are those that use Java, but in reality they don’t need it. Its presence only gives cyber criminals the opportunity to exploit the device it is on, said researchers at F-Secure.

The main issue is Internet users confuse Java with JavaScript, a crucial component for the web.

“If you’re running Java, but not the latest version, you’re vulnerable. So either you have to check at all times that you have the latest version of Java — or get rid of it altogether,” said F-Secure’s Mikko Hypponen

After studying the infamous Blackhole exploit kit’s control panel, the experts discovered that more than 16,000 computers suffered a take over using the Java Rhino vulnerability.

If you really need Java for online banking or other Internet apps, one recommendation is for the user install the Java plug-in in a separate browser you utilize only for the specific tasks, although, many have discovered that after uninstalling the component, their daily activities do not suffer in any way.

“Also note that Chrome has been doing a good job in sandboxing or otherwise securing risky add-ons and extensions. Many Java exploits do not work against Chrome. Also, Chrome does not use an Adobe Reader plugin to render PDF files. This is good news, as Chrome is quickly becoming the most common browser on the planet,” Hypponen said.

The bottom line is third party components present security flaws that hackers can take advantage of. Those that need to use them should keep them updated at all times, but also check out the newer, more secure, alternatives.

 
 
Archived Entries