If you’re a regular reader, you know Komando.com keeps you up to date with security alerts and fixes. If hackers are attacking your gadget or its operating system, we’ll tell you about it in our Happening Now news articles.
This is really important because hackers are highly sophisticated, breaking into dozens of major companies and government agencies this year alone. In fact, hackers have hacked President Obama’s personal email and they have stolen information from thousands of Obama Administration staffers. How can you possibly hope to keep them out?
One of the most critical points of entry to your computer or gadgets is your Web browser. Unfortunately, your Web browser can have hundreds of security holes that hackers can, and do, exploit.
Fortunately, most Web browsers do a good job of patching security holes, often with automatic updates, but you can’t rely on that. Maybe your browser isn’t updating, or perhaps you have add-ons or plug-ins installed that have their own security holes.
To make sure you stay safe, we’ve rounded up five security tips that will help keep hackers out of your browser, and out of your life.
1. KEEP BROWSER UP TO DATE
One of the easiest ways to keep hackers away is to make sure your Web browser up to date. A lot of times, browsers like Microsoft’s Edge, Mozilla’s Firefox and Google Chrome issue patches and fixes for bugs they know about. Typically, they get most of them before hackers can have a field day exploiting vulnerabilities.
Fortunately, most browsers these days are automatically updated. For instance, if you installed Microsoft’s new Windows 10 operating system, its default setting is to automatically update your software and issue patches, including for its Edge browser.
Firefox and Chrome also have default settings for automatic updates. You just need to restart them occasionally for the latest updates to install. If you’re not sure if you’re set up for automatic updates, here’s how to check:
Chrome: Google Chrome updates automatically, and turning that off isn’t easy. That’s good. But to make absolutely sure you’ve got the latest version, you can click on the Menu icon (little box with three horizontal lines in the upper right corner of your page). Choose “Help and About,” then “About Google Chrome.”
If you need to change the update settings, go to Menu>>Settings, and then click the “Show Advanced Settings” link. Click or un-click “Protect You and Your Device From Dangerous Sites” to turn automatic updates on or off.
Edge: If you’re using Windows 10, go to Start>>Settings, then click “Update & Security.” Windows Update should say your device is up to date. If it’s not, choose “Advanced Options,” then “Choose How Updates Are Installed” and select “Automatic (recommended).”
Internet Explorer: In Windows 8, using a mouse, right-click in the lower right corner of the screen and choose “Control Panel.” If you’re using a touch screen, swipe from the right of the screen and tap “Settings,” then “Control Panel.” In Windows 7 and Vista, go to Start>>Control Panel.
In Control Panel, click “System and Security.” Under “Windows Update,” choose “Turn Automatic Updating On Or Off.” Choose “Install Updates Automatically” from the drop-down menu.
Firefox: Click the Menu icon (far upper right-hand corner; it’s three horizontal lines) and choose “Options” and then “Advanced” in the left-hand column. Select the “Update” tab on the right, and under “Firefox Updates,” make sure “Automatically Install Updates (Recommended: Improved Security)” is selected.
2. UNINSTALL UNNEEDED PLUG-INS
Even if your browser itself is secure, it might have third-party plug-ins that aren’t. A few years ago, Oracle’s Java plug-in was riddled with security flaws. Most browsers have Java disabled by default now, but the new danger is Adobe Flash.
Those aren’t the only plug-ins to keep an eye on, though. You might also have Microsoft Silverlight, Unity or a toolbar that you installed years ago and don’t actually need. So, one way to give yourself an extra layer of protection is to delete unneeded plug-ins.
To do that in Windows 10, go to Start and select “All Apps.” That’s essentially Windows 10’s version of the Control Panel. That will list all the programs installed on your device. Right click on the one you don’t want; then select Uninstall.
In older versions of Windows, go to Start>>Control Panel, then under “Programs,” click “Uninstall a Program.” Select the plug-in you want to remove, and click Uninstall.
3. ENABLE CLICK-TO-PLAY PLUG-INS
Not every plug-in is one you want to get rid of. There are good reasons to keep Adobe Flash around, for example. But you might only want it running when you actually need it. Fortunately, that’s possible.
It’s called click to play. Instead of a plug-in always running, you have to click on it to activate it. Here’s how to do that.
Chrome: Menu (horizontal lines in the upper right corner)>>Settings. Click “Advanced Settings” at the bottom of screen. Under “Privacy,” choose “Content Settings.” Under “Plug-ins,” choose “Let Me Choose When To Run Plug-in Content.”
Edge: This browser doesn’t really have click-play. You have to disable and re-enable plug-ins manually.
In Windows 10, right-click on the Start menu and choose “Control Panel.” Click “Network and Internet” and then under “Internet Options” click “Manage browser add-ons.” Click the “Manage add-ons” button and then highlight a specific plug-in in the “Toolbars and Extensions” area. If a plug-in is enabled, click the “Disable” button in the lower-right corner.
If you’re just interested in Adobe Flash, in Edge, click the icon with the three dots in the upper-right corner, then select “Settings.” Click the “View Advanced Settings” button and you’ll see the “Use Adobe Flash Player” option. Turn this off when you don’t need to use Flash.
Internet Explorer: In the far top right corner, click on the little gear icon and choose “Manage Add-Ons.” Highlight a specific plug-in in the “Toolbars and Extensions” area. If a plug-in is enabled, click the “Disable” button in the lower-right corner.
Firefox: Menu (horizontal lines in the upper right corner)>>Add-Ons. Choose “Plugins” in the left-hand column. Next to each plug-in, you’ll see a drop-down menu. Change each one to “Ask To Activate.”
4. GET RID OF UNNEEDED BROWSER EXTENSIONS
Browser plug-ins and browser extensions are easy to confuse. Plug-ins handle video or other content that the browser can’t handle on its own. Extensions are bits of code that add new features to the browser.
If you’ve used Firefox or Chrome for a while, you’ve probably added a few extensions at some point. We recently ran one that cuts down on the memory you’re gobbling up with too many open tabs.
Extensions have a downside, though. Many of them need your passwords to do their job. That opens up extensions to hackers, who use extensions to install malware.
A couple of tips: Before you install an extension, make sure it’s coming from a trustworthy source and has been around for a while. Second, be sure to review your extensions every once in a while, to weed out the ones you don’t need any more. If you’re not using an extension, or you suspect it’s not from a reliable company, delete it. Here’s how:
Chrome: Go to Menu>>More Tools>>Extensions, then click “Remove” on each extension you don’t need.
Internet Explorer: This browser does not support extensions.
Firefox: Menu>>Add-Ons. Choose “Extensions” in the left-hand column, then select the ones you don’t want and click “Remove.”
5. RUN ANTI-EXPLOIT SOFTWARE
We always tell you to keep your devices safe with security software. Our sponsor Webroot is a good choice because it works on just about every gadget, from Apple to Android and Mac to PC. Also, because it’s cloud-based it’s always up to date and won’t slow down your gadgets.
While most security software is great at detecting and stopping the millions of viruses out there before they can install, security holes in your browser and other programs give viruses a better chance to slip past unnoticed. Unfortunately, you don’t even know there’s a security hole in a program until the developer releases an update. Until now.
Software companies are starting to release anti-exploit programs. This watch your programs for signs that someone might be trying to use them to sneak on to your system. Then it blocks those attempts.
If you think of your main security program, like Webroot, as the castle wall and the army guarding it, an anti-exploit program is the guy watching for traitorous citizens trying to open the backdoor.
One free anti-exploit program you can try is Malwarebytes Anti-Exploit. Just don’t use it as your main security program and think you’ll stay safe.
By following these five steps, you’ll be well protected from hackers. Still, hackers are clever and always updating their tricks. Be sure to keep up-to-date with security patches and fixes every day, in Happening Now.