Pinterest Stumbleupon Whatsapp
Ads by Google

You’ve perhaps heard of zero-day exploits, the security holes that hackers find in applications and operating systems that remain hidden until discovered by professionals. These exploits are responsible for some of the most devastating cyber attacks and hacks, and pose a genuine threat to your data and privacy.

It might seem like a desperate scenario, but several options are available to us if we wish to protect our PCs and other hardware from zero-day exploits. Here we take a look at what you can do to keep the hackers at bay.

What Is a Zero-Day Exploit?

It’s a strange term; how can an exploit be “zero-day”? Well, it’s all to do with the meaning of “zero-day”; rather than referring to “no days” it actually means the period between the exploit being uncovered by hackers, and the same vulnerability being discovered by the vendor and patched. Ideally, this would only be a matter of days at the most, but in reality, such security holes can be exploited for months without the developers taking action.

Our guide to zero-day vulnerabilities What Is a Zero Day Vulnerability? [MakeUseOf Explains] What Is a Zero Day Vulnerability? [MakeUseOf Explains] Read More tells you pretty much everything you need to know about the risks.

Suffice to say, if you’re using software that is being targeted due to such an exploit, you have a couple of problems. First, there is no way of knowing if a zero-day exploit is being employed. These vulnerabilities are kept a secret, so anyone using these exploits will be able to do so, in most cases, undetected.

Ads by Google

Second, and perhaps most concerning, is that once the exploit has been employed and used against you, you will *still* have no way of knowing until something happens. This might be something obvious like the lack of personal data on your PC, or something far worse – your bank balance emptied, your credit card maxed our… your identity stolen.

You don’t want to fall victim to one of these exploits, but as they’re undetectable, what can you do?

1. Make Sure Your Operating System Is Updated

Yep, it’s that old chestnut again: if your operating system (OS) is up to date, you’re already at an advantage. Whatever OS you’re running, simply engage with the usual method of checking for updates, and if they’re available, download and install them.

updates

Using an older operating system? Well, you’re in trouble. MakeUseOf has been extolling the virtues of upgrading from Windows XP for quite some time now, so we’re astonished to learn that as of January 2016, Windows XP still has a sizeable chunk of the market, over 11% (11.42% to be precise; Windows 10 has 11.85% and Windows 7 a massive 52.47%).

Windows XP is virtually undefendable as an OS. You can install all of the security software you like, but if you’re looking to protect against zero-day exploits, the holes in the operating system are there, waiting to be probed open. With no more patches coming from Microsoft What's Next? Support Ends for Microsoft Security Essentials on Windows XP What's Next? Support Ends for Microsoft Security Essentials on Windows XP When Microsoft stopped supporting XP in 2014, they also announced that Microsoft Security Essentials would no longer be available, with updates for existing users available for a limited time only. That limited time has now... Read More , it’s the equivalent of driving around in a rusty old car and pretending that the bottom isn’t rotting away.

Using Windows XP? Upgrade to Windows 7 Your Best Options for a Windows XP Upgrade to Windows 7 Your Best Options for a Windows XP Upgrade to Windows 7 It's time to let go of the Windows XP and upgrade to a secure operating system. This may be your last chance to upgrade to a relatively familiar Windows 7. We show you how. Read More  (and then onto Windows 10 7 Signs It's Time for You to Upgrade to Windows 10 7 Signs It's Time for You to Upgrade to Windows 10 We have given you many reasons to upgrade to Windows 10. If you're still uncertain, you should wait. For how long, you ask? Until you see the signs we've compiled for you here. Read More ) as soon as you can – the newer OS is far more secure 7 Ways Windows 10 is More Secure than Windows XP 7 Ways Windows 10 is More Secure than Windows XP Even if you don't like Windows 10, you really should have migrated from Windows XP by now. We show you how the 13 year old operating system is now riddled with security issues. Read More .

2. Install Strong Anti-Virus Software

Even if you are using a regularly updated operating system, the importance of keeping it secure should never be overlooked. We’ve espoused the virtues of free anti-virus (AV) tools 5 Best Free Internet Security Suites for Windows 5 Best Free Internet Security Suites for Windows Which security suite do you trust the most? We look at five of the best free security suites for Windows, all of which offer anti-virus, anti-malware, and real-time protection features. Read More and even looked at tools that can be run from your browser 7 Free Anti-Virus Tools For Your Browser: Scan Links Before You Click 7 Free Anti-Virus Tools For Your Browser: Scan Links Before You Click Viruses, malware, phished websites. Online mousetraps are lying in wait for some poor sucker to click on, so their computer can be added to the collection of zombie computers spewing out spam. Read More , but for the optimum results you really need to be using a full AV suite, complete with firewall, real time scanning, phishing detection How to Spot a Phishing Email How to Spot a Phishing Email Catching a phishing email is tough! Scammers pose as PayPal or Amazon, trying to steal your password and credit card information, are their deception is almost perfect. We show you how to spot the fraud. Read More , and a password manager (see below).

Various such suites are available, and once you have made your decision 4 Things to Consider When Buying a Security Suite 4 Things to Consider When Buying a Security Suite McAfee, Kaspersky, Avast, Norton, Panda - all big names in online security. But how do you decide which to choose? Here are some questions you need to ask yourself when purchasing anti-virus software. Read More based on budget and features, these regularly-updated tools will provide an extra layer of protection, detecting any oddly behaving applications on your system.

As soon as the exploits are discovered, and no longer have the zero-day status – that is, antivirus manufacturers are able to counter them – then your security suite will be updated, and the gap plugged. One of our favorites is Bitdefender 2016 Bitdefender Total Security 2016 Giveaway; Parrot Bebop Quadcopter with Skycontroller Bundle! Bitdefender Total Security 2016 Giveaway; Parrot Bebop Quadcopter with Skycontroller Bundle! With Bitdefender Total Security 2016 now available, we take a look at how it improves on the previous release, whether it deserves its position at the top of the pile of online security suites for... Read More .

3. Keep Your Applications Up-to-Date

You should always update your software. This might be annoying and frustrating, especially if it’s in the shape of a popup from Adobe or Oracle concerning your PDF program or Java virtual environment (which Google has ended support The Web Just Became More Secure: Google Drops Support for Java The Web Just Became More Secure: Google Drops Support for Java When Java was first released in 1995, it was revolutionary. But now, it's safe to say that Java has lost its shine, and Google is about to drop support for it in Chrome. Read More for, and which we would recommend you don’t use Is Java Unsafe & Should You Disable It? Is Java Unsafe & Should You Disable It? Oracle’s Java plug-in has become less and less common on the Web, but it’s become more and more common in the news. Whether Java is allowing over 600,000 Macs to be infected or Oracle is... Read More ) – but as long as those applications are installed on your personal computer, and the messages are genuine, then the updates need to be run.

It isn’t just those tools, either. Microsoft Office has a whole library of previously discovered vulnerabilities that have been exploited. Take the time to make sure Microsoft’s office productivity suite is regularly updated, or else swap for a less targeted alternative to Microsoft Office 9 of the Best Free & Low-Cost Alternatives to Microsoft Office 9 of the Best Free & Low-Cost Alternatives to Microsoft Office Microsoft Office has dominated the market of text documents, spreadsheets and slide shows for years, and for good reason – it’s one of the very best. However, there’s one drawback and that is the price.... Read More .

Video games, too, should be updated. MMORPGs (online role playing games) in particular are susceptible to attack, so as long as you keep everything updated – as well as the digital distribution services 4 Digital Distribution Gaming Clients You Might Like More Than Steam [MUO Gaming] 4 Digital Distribution Gaming Clients You Might Like More Than Steam [MUO Gaming] Although we've been taught to worship anything Steam's Gabe Newell pushes out at us, it's very important to remember that you have other options to explore. I won't argue that anything beats Steam's annual sale... Read More you subscribe to – you should be able to stay on top of any risks.

You’re probably reading the above from the viewpoint of a desktop computer, but in reality, it also applies to your smartphone and tablet.

4. Use the Latest, Most Secure Browsers

As with updating apps, it is important to keep your browsers updated. You should also strive to use the most secure options (typically Google Chrome and Mozilla Firefox, although Microsoft Edge is making headway A Microsoft Edge Review From A Die-Hard Chrome User A Microsoft Edge Review From A Die-Hard Chrome User Make no mistake, I am a die-hard Chrome user. But my curiosity got the better of me, so I took the plunge and tried Microsoft Edge. Read More in this area).

muo-security-zeroday-browser

All too often in the past, vulnerabilities have cropped up in browsers. Chrome and Firefox are not exempt from exploits, but perhaps the browser with the biggest problems was Internet Explorer. If you’re still using IE, now is the time to stop. A great selection of competent and secure browsers is available to you!

Whichever browser you choose, make sure it is updated regularly. This is just as important on mobile devices as on the desktop.

5. Use a Password Manager

For some reason, password managers still haven’t taken off. We’ve seen again and again that people just don’t know how to create a password that cannot be guessed. Perhaps they’re too lazy or busy to change from “qwerty” to something far more secure yet memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable Having a different password for each service is a must in today's online world, but there's a terrible weakness to randomly generated passwords: it's impossible to remember them all. But how can you possibly remember... Read More . Alternatively, perhaps they believe that by choosing a simple password, they’re double bluffing the criminals.

muo-security-zeroday-passwordmgr

If you’re one such person, I’ve got news for you: the criminals are the experts at bluffing, not you.

As a result of this alone you should be using a password manager. But to convince you further, the effects of a successful zero-day exploit can be mitigated if you have employed a password manager.

With such a system in place, you keep your passwords tied up and encrypted, unlocked only with the use of a master password. If an operating system, desktop app or game or browser exploit is being used to take control of your computer, you can at least be confident that your passwords cannot be accessed.

Protect Yourself Wherever Possible

Zero-day exploits can be used against you; perhaps they already have. Perhaps your bank, or credit card company, or an online store you use regularly has been attacked and your details hacked (you can check if this is the case Are Hacked Email Account Checking Tools Genuine Or A Scam? Are Hacked Email Account Checking Tools Genuine Or A Scam? Some of the email checking tools following the alleged breach of Google servers weren't as legitimate as the websites linking to them might have hoped. Read More ).

However, as long as you take steps to keep everything secure at home, and ensure your desktop computer (and mobile device) are fully updated, you should remain tantalizingly out of reach of hackers.

Have you been caught out by a zero-day exploit? Identity stolen, or data lost? Tell us about it in the comments.

  1. Mike
    February 25, 2016 at 10:59 pm

    Use a sandboxed browser!

Leave a Reply

Your email address will not be published. Required fields are marked *