We regularly tell you that one critical way to avoid a lot of online attacks is to keep your software updated. Security researchers are continually finding security holes in programs and developers are closing them. If you aren't updating, especially major programs like Windows, your computer or other gadgets are at risk.
To help with the process, many companies have automatic updating built into their programs, or provide utilities that grab the latest updates for you. Considering the whole goal is to make you safer, it's a bit ironic when one of those update programs actually causes a security problem.
That's the case with the Intel Driver Update Utility. Its purpose is to grab new drivers for Intel processors, motherboards and other hardware that improve performance and security. Unfortunately, Intel missed a security feature itself.
Versions 2.0 to 2.3 of the utility grabs updates from Intel over an unencrypted Internet connection. Researchers at Core Security found that it was a simple matter to intercept the connection and send their own malicious software to the computer requesting the update.
In response, Intel has released version 2.4 of the utility that encrypts the connection so it can't be hijacked. If your computer has the Intel Driver Update Utility installed (it will show up in the program list in your Start menu), you'll want to upgrade it right away from this link.
Speaking of hijacking unencrypted connections, find out how to make any connection encrypted so you can use the Internet safely on services like public Wi-Fi.