Advice Request Your Security Response towards Critical Vulnerabilities?

Please provide comments and solutions that are helpful to the author of this topic.

How to do attend to critical vulnerabilities?

  • Drop everything. Rush home and update your computer.

    Votes: 4 8.5%
  • Remote access your computer and update.

    Votes: 0 0.0%
  • Wait until the end of work. Go home and update your computer manually.

    Votes: 10 21.3%
  • End of work. Go home, turn computer on, let automatic updates do it's thing.

    Votes: 6 12.8%
  • Wait to use computer, then update.

    Votes: 23 48.9%
  • Do nothing.

    Votes: 4 8.5%

  • Total voters
    47

TairikuOkami

Level 35
Verified
Top Poster
Content Creator
Well-known
May 13, 2017
2,452
That depends, as for Windows, I update ASAP, even before the official release. As for the browser, I check About tab time to time, since I have the automatic update disabled, I see no reason to have a browser allowed to run with admin privileges whenever it wants to. Besides a sudden browser update can be an inconvenience.
 

mazskolnieces

Level 3
Well-known
Jul 25, 2020
117
The vast majority of reported critical vulnerabilities are blown way out of proportion. Just like most home users freaked out over Wannacry when the vast majority of them didn't even know what SMBv1 was, let alone were using it. This is the unfortunate, yet typical pattern of IT security things.
 

Freud2004

Level 10
Verified
Well-known
Jun 26, 2020
440
Sorry...it sounds wisely and professional but it's just a useless truism. It explains nothing ang gives any advice.
Really ? Do you think that the most hacks are made using special tools and well done malwares? No, 80% off the hacks are human hacks, 80% off the malware tools is the user o install them, open links, etc. Social hacking is the most common form off hacking, the human behavior are the weak part in security.
So, 80% off the times a hack is successful because human error, is the human behavior o fails, not the security solution....

Listen to darknet diaries, and see how the most extraordinary hacks begin, all are successful because some humans install something that should not be there.

Great hackers with skill to program and devolve great hacking tools are rare, Script kiddies are a lot, they just put that tool in a crack and wait for some user that install it, just wait for the human error. (Script kiddies, is this term still in use? In my time was the name to give too noob hackers)

Sorry for poor English ;)
 
Last edited:

YuanJiawj

Level 12
Verified
Top Poster
Well-known
Oct 9, 2014
579
80%
Really ? Do you think that the most hacks are made using special tools and well done malwares? No, 80% off the hacks are human hacks, 80% off the malware tools is the user o install them, open links, etc. Social hacking is the most common form off hacking, the human behavior are the weak part in security.
So, 80% off the times a hack is successful because human error, is the human behavior o fails, not the security solution....

Listen to darknet diaries, and see how the most extraordinary hacks begin, all are successful because some humans install something that should not be there.

Great hackers with skill to program and devolve great hacking tools are rare, Script kiddies are a lot, they just put that tool in a crack and wait for some user that install it, just wait for the human error. (Script kiddies, is this term still in use? In my time was the name to give too noob hackers)

Sorry for poor English ;)
Only 80%? virus, hack tools and malwares were developed by humans and it was not 80%. Many users download a lot of things and they don't care if they get infected or have a problem afterwards. "Advanced" users are concerned about the security and privacy of their data. Malwares, viruses and ramsomware will continue to exist as long as there are people who are not concerned about improving the security of their computers.
 

oldschool

Level 81
Verified
Top Poster
Well-known
Mar 29, 2018
7,044
The vast majority of reported critical vulnerabilities are blown way out of proportion.
This ...
I don't believe there is a queue of elite hackers, who don't sleep day and night to exploit a vulnerability in my OS or software. So I just turn the PC on and Windows does the rest. :D
And this! :D(y)(y)
 
F

ForgottenSeer 89360

You can’t say it’s always user’s fault, because there are scenarios where user doesn’t have to do anything. Targeted attacks are one case, where you might be in your office, browsing through your email and you see a colleague of yours sent you a critical document. You open the document and kaboom - your company now owes hackers USD 1 million in BTC to unlock files, critical to the core operation. Because ransomware typically features collateral movement, another colleague of yours won’t even do anything - files on their machine will get encrypted as well.

So whose fault is all that?
You might say user who downloads the document, but this user is not a threat analyst.
You might say the IT admin, but with so many holes and security vulnerabilities, it’s hard to keep up.

Another scenario is the Piriform CCleaner case, where users didn’t have to do anything to be infected. I have had fraudulent transactions (blocked by my bank), because my data has leaked from trusted websites.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top