There's a new virus on the loose, and as you might expect, it takes advantage of a vulnerability that's already been patched. In fact, Microsoft patched this particular Internet Explorer 5.5 flaw a full year and a half ago.
"Bugbear" is more than just a virus, which is especially disturbing. The malicious code has the capacity to collect information about your computer, including a log of keystrokes, and email all that off to a predetermined email address. The virus also makes sure it sends itself to any email address it can find on your computer, just to be social.
Expecting vulnerability-free software, especially from Microsoft, really isn't realistic. We can, however, expect patches to address discovered vulnerabilities; we just can't expect users to apply them. It's situations like this that make me wonder whether something like Windows Update should default to automatically download and install security patches without user input. I'd even settle for a simple first-boot dialog box asking users for permission to download and install security fixes automatically, but I suspect such a scheme would have many vocal opponents.
The best solution would be secure software, of course, but what about something more realistic? How do we protect users from themselves?
|Synaptics Clear ID FS9500 fingerprint sensors slip under phone screens||2|
|TR's 2017 Christmas giveaway: goodies from MSI, Antec, and OCZ||15|
|VESA DisplayHDR attempts to demystify HDR-capable monitors||16|
|BenQ EW277HDR brings HDR10 in reach of mere mortals||5|
|Intel Pentium Gold chips now have Silver siblings||34|
|Acer ProDesigner PE320QK is big on size and color accuracy||2|
|Thermaltake's Nemesis Switch has enough buttons for all your macros||17|
|Zotac Gaming MEK1 PCs have the requisite pieces of flair||9|
|Toshiba's latest hard drives store 14 TB without shingles||66|
|I liked it better when they called these chips "Atom". It was a more clear distinction. "Pentium Gold" is Kaby Lake. "Pentium Silver" is Gemini Lake (...||+11|