She'll be out tomorrow to swear on a stack of Bibles, Korans, and Upanishads that she never opens attachments from people she doesn't know as "proof" that nothing was compromised.
Such clumsy attempts by amateurs have nothing to do with the vulnerabilities she exposed. Serious blackhats don't send fishing letters or toxic attachments. It would be months, if ever, before she was even aware they were in her knickers.
Yeah this is kid stuff.
What was probably a big security hole is how often that server (and the software on it was updated). Especially with a server in a home, it’s likely it was not patched very often, even with regular Windows updates (since those require a restart and Windows servers don’t restart automatically).
So any hacker worth his salt could probably use any number of vulnerabilities even a few months old to compromise that kind of system.
Yes.
This is nothing.