Important Security Updates for Android Phones and Windows 10 Computers
October 30, 2019
By EisnerAmper’s IT Security Cabinet
Google has released fixes for three critical-severity vulnerabilities in its Android operating system, which, if exploited, could allow a remote attack. The three critical flaws (CVE-2019-2184, CVE-2019-2185, and CVE-2019-2186) support audio/video files and online images. Android operating systems 7.1.1, 7.1.2, 8.0, 8.1, 9 are specifically impacted. If you are using an Android device, we encourage you to go to Android Help to check if your operating system needs to be updated.
Microsoft announced earlier this month that it is providing Tamper Protection to all Windows 10 devices running on both Enterprise and Consumer operating systems. A common tactic for hackers is to disable Windows Defender Antivirus, which blocks several forms of malicious code execution. Tamper Protection updates the current setting to have Windows Defender active by default. If your employees have a third-party anti-virus application that is disabled for any reason, Tamper Protection will also make sure Windows Defender is enabled, even if it was previously turned off. For more information on Tamper Protection, click here.
Be Careful When Using Public Charging Stations
A recent cybersecurity report shows that 32% of hacked mobile devices were exposed to rogue data networks in public locations. Another growing trend is for devices to be scanned or loaded with hidden malware when connected to a public power station—like those found at airports, mall kiosks and other public locations. Hackers have been known to tamper with the stations by installing their own USB port or leaving cables connected that have hidden microchips to run automated attacks when a device is connected.
If you or your employees will be traveling or plan on not having access to a trusted charge point for more than a day, we recommend using your own power cord with an AC outlet adapter or purchasing a portable power supply.