Updates!?! We don’t need no stinkin updates! Or do we…??
The average person runs into the dilemma of deciphering what’s a good download and what is a bad download. Especially when it pops up on your screen while you are cruising the web. Instinct seems to have turned to deny, deny, above all deny. This protects the computer from any risk of being infected by a compromised site or malicious one. This isn’t always the best logic. The problem often time lies deeper within. New weaknesses in Java can allow computers to become infected without your permission or any indication.
Yes, it will not even ask to infect the computer. No popups. And no, antiviruses are not a guarantee against them, because it is using software that is natively installed on the computer and trusted. I’ve witnessed several infections on computers that were up to date with rock solid antivirus, anti-malware suites, leaving the user wondering what they did wrong. All they did was visit a compromised site that had no visible symptoms but still gave them an infection.
Coincidentally, it sounds just like the flu I had this spring. Sneaky.
So, then what is a person to do? You have to go back to the root weakness and eliminate it before you are exposed. Immunize your computer with patches for the weaknesses. In June of 2011 Oracle released patches for 17 vulnerabilities in Java. Nine of which were given the highest severity rating. These vulnerabilities can be like gateways into your computer from the internet for viruses and malware. It uses the old version of Java that is on your computer against you. According to the critical update advisory from Oracle: “all of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.”
Similarly there are patches out for Flash, Active X, Operating Systems, and Web Browsers. The difficulty is in being able to tell what to install and from where, as it may hurt more than help. This is where having a good relationship with a computer consulting firm is invaluable. Don’t hesitate to call them and get their advice or request assistance, as it’s well worth the time up front for what it will save you down the road. As a computer consultant, I would rather prevent a costly crisis so that my customer’s time and resources can be used on what they are envisioning.