A security oversight common to many people is failing to keep their web browser up-to-date. These could be the same people who keep their computer operating systems current by uploading the latest security patch and who avoid opening email attachments from strangers. This inconsistent behavior often happens because they simply aren't aware that browsers present a security risk. If their browser auto-update setting isn't ticked, then their risk of suffering serious security consequences substantially increases with each passing year.
What are these consequences exactly? They're the effects of having your browser and possibly your computer infected with malware. The exact effect will depend on the type of malware. It might change settings on your browser so that your homepage is a website full of advertising, dangerous links, or dangerous downloads. Or it might simply redirect your browser to the site.
Other types of malware might lie dormant until you visit certain types of websites such as the login page of a bank. When this happens, an installed keylogger may start recording your keystrokes as you log into your banking account, and thereby record your login credentials.
How Your Browser Gets Infected
There was a time when getting infected required clicking a link, opening an email attachment, or downloading and installing "software." Today, you need only visit a malicious website to get your browser infected. This is often done using what's called an exploit kit that's installed on the server that hosts the website.
The exploit kit communicates with your browser in an effort to find and exploit a vulnerability in its code. If you aren't using an up-to-date web browser, it may be riddled with old vulnerabilities that were never fixed by security patch updates. In this case, the odds are good that the exploit kit will find one if not several of these.
Failing to update browser plugins and extensions is another way that browsers become infected. Adobe's Flash Player and Oracle's Java are two plugins that require regular updates because security vulnerabilities are regularly being found in them.
Your best defense against infection is to make sure your browser's auto-update setting is switched on. Delete all browser plugins you aren't using and keep the others updated. Don't assume that your plugins auto-update. If any lack this capability, you'll have to either manually update or delete them.
Failing to keep your web browser and its plugins up-to-date not only exposes your browser and computing device to infection, it also endangers the networks you use at work as well as the devices of your colleagues. For more information and answers to your questions, contact us.