Hello to you all,
Firstly, and I'm not sure if this is important at all, but this isn't my first post, this is just another account due to e-mail access issues.
I guess this question may have already been asked in the past, but as the matter is quite vague, I couldn't find any previous posts related to this from my searches, so I apologize in advance if it's a repeated question.
I wanted to ask people here who work with security, or who have enough knowledge of the matter, about the real current threat to the security of the computers of average/home users (not in a production/company environment).
I always see a lot of warnings in computer blogs and forums about keeping Windows Update or other forms of updates for OSs activated and about it always being better to run a computer from a limited user kind of account, even for experienced users... I wanted to ask how much of that is real, how much is necessary.
I mean, let's not take into account the average "40-something already a parent user who would click on a 'get iphone here' e-mail and just use excel, outlook and facebook", but the kind of user who would normally read computer blogs and forums. Let's call it a power user, even though this term has many meanings, most erroneous.
Considering a Power User
- would know better to pick trustworthy sources for new software (like Sourceforge),
- know not to open obvious, and even not so obvious, strange email (like well-made bank phishing emails from banks that the user doesn't have an account with - happened to me, almost believed in one)
- know how to use secure websites and not to click on advertising, to block pop-ups and other basic security measures when surfing the web
- have a good, although free, antivirus, like Avast or AVG, and use some kind of sandboxed browser to use banking websites (like that of Avast)
- wouldn't utilize any form of piracy
- have the patience to read each screen of an install wizard and NEVER use a download manager (like when you go on a website for new software, and this software has 500mb but what you download is just a 1,3mb download manager that fills your PC with bloatware)
Considering all of that above... is it really necessary to keep Windows updated so much? Do highly skilled hackers really try to crack into an average home user's computer through some kind of security breach that Microsoft somehow hasn't yet discovered? Or is it just malware risk?
From the IT sector of my previous company I learned how much companies of any size are attacked... like, every day, every hour. I guess that can get these professionals scared and make them advise people this way, but for users who can take the measures above (which I think are pretty basic), on their home PCs, are they really risking that much using an admin account with privileges to install software?
Please, I want this answer to be honest, with real life examples if possible, not an exaggerated one... because I never met home users who had backdoors on their PCs or whose PCs just started installing software on their own... it was most likely the usual "baidu" stuff of installing bleepty software filled with bloatware.
I thank in advance anyone who might read this, and even more those who provide an answer.