Security Watch
Adobe Reader Flaw Hits Windows
Plus: Mobile attacks still in a learning curve, Facebook hole exposes private photos of members.
Adobe released word this week that a flaw in its older versions of Adobe Reader and Acrobat could cause a zero-day attack, which could lead to a system crash and/or hacker taking over your system.
While the company said it is actively working on a patch for earlier versions of its software (look for one to drop sometime next week), it says the smartest thing a user could do is to upgrade to the X version for both products. While the flaw is present in both, increased security for the newest versions will stop the vulnerability from being instigated.
So it looks like the only systems that are open for attack are those that haven't taken the time to download the free update. That also includes government contractor Lockheed Martin and research group MITRE, which both reported being targeted.
I don't know about you, but it doesn't fill me with a ton of confidence when a well-know government defense contractor won't even take the easy and necessary steps to make sure its software is up to date.
What about you? Are you guilty of being lax when it comes to updates of third-party software or do you immediately spring into action once a new version drops? Send your responses to [email protected].
Mobile Attacks Will Rise With Experience
According to a recent study by McAfee Labs, mobile devices will continue to grow as targets for hackers as attackers spend more and more time with the devices.
The report points to the fact that, unlike modern PCs, which have been around for more than 30 years (and them being in the hands of attackers for more than 30 years) mobile devices are still relatively new, causing more time for those wanting to hijack your device to get past the learning curve.
However, with the amount of personal data and the fact that many are always connected to the Internet, attempts on mobile devices, along with attack sophistication, will continue to grow as time passes.
McAfee also had an interesting tidbit that another factor in the difficulty of mobile attacks is that many of the OSes are built on Unix and Linux, which, compared to Windows, are pretty secure.
Does this mean that once devices start running OSes that are closer to their desktop counterpart (a la Windows 8), hackers will already have a leg-up when it comes to infiltrating them?
How concerned are you with mobile security? Do you take the same precautions with your phones and tablets as you do your desktops? Let me know at [email protected].
Mark Zuckerberg's Private Facebook Photos Leaked
Looks like he could buy virtually anything he wants -- but he's too cheap to buy a pre-prepared chicken.
Of all places for news on security holes, a popular bodybuilding Web site posted information on how you could access Facebook members' private photos without having permission to view them. Apparently, if you flag any photo as inappropriate, it grants you access to that member's library of photos so that you could flag (or peek) the rest.
This was demonstrated when private dinner and drinking photos of the Facebook founder leaked online. His company immediately sprang into action, releasing a statement that read, "This was the result of one of our recent code pushes and was live for a limited period of time. Upon discovering the bug, we immediately disabled the system, and will only return functionality once we can confirm the bug has been fixed."