888.678.7282    Get SUPPORT

Strata Information Technology Blog

Strata Information Technology has been serving the Encino area since 2007, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Strata Information Technology at 888.678.7282.

Tip of the Week: How to Use PowerPoint More Effici...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, June 24 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Business Computing Managed IT Services Privacy Technology Best Practices Cloud Cybersecurity Malware Ransomware Hackers Backup Productivity Communications Outsourced IT Internet Alert Business Management Network Security VoIP Software Smartphones Save Money Hardware IT Support Business Social Media Microsoft Passwords Phishing App Vulnerability Email Tech Term Data Twitter Windows 10 Smartphone Data Breach Android IT Services Office 365 Politics Bandwidth Remote Monitoring Saving Money Government Cloud Computing Patch Management Mobile Device Management Business Continuity Excel Small Business Law Enforcement Workers Apps Productivity Miscellaneous User Tips Cybercrime Google Computer Settings Data Backup Microsoft Office Scam Website How To Applications Efficiency Spam Password Retail Entertainment Hosted Solutions Collaboration Recovery BDR Antivirus Maintenance Chrome Holiday Access Control Office Personal Information Browser Company Culture Employer-Employee Relationship Innovation Vendor Management Data Recovery Internet of Things Windows Wi-Fi Facebook Communication Blockchain Virus Mobile Device Education Computers Word Email Management e-waste Yahoo Staffing PowerPoint IT budget Telephone System Managing Stress Video Games Networking WannaCry Sales Worker disposal Information Technology Sports Television IT Management Physical Security Hard Drives DDoS Dongle Avoiding Downtime HIPAA Tablet Mobile Devices Printer Value Biometrics Connectivity Two-factor Authentication Tech Terms Files Remote Support Bring Your Own Device Hard Drive Knowledge Access Streaming Media Tech Support Leadership Managed IT Managed IT Service Hybrid Cloud Safety Technology Tips Employer Employee Relationship Processors Document Management Comparison Database The Internet of Things Hiring/Firing BYOD Phone System Downloads Budget Gadgets Encryption Telephony Emergency Apple Network Backup and Disaster Recovery Automobile Spyware Tactics Synergy Paperless Office Specifications Multi-Factor Security Analytics Trends SaaS Artificial Intelligence Users Voice over IP Licensing HP iPhone Scalability SSD Internet Explorer Digital Travel Gadget A.I. IaaS WiFi Business Intelligence Wireless Credit Cards Inventory Threat Edge Dark Data Content Filtering Router Smart Technology Live Streaming Printer Server Shortcut Movies HaaS Data Protection Telephone Systems Unified Threat Management Gmail WhatsApp Cortana Printers CrashOverride Cleaning Data loss Cost Management Wireless Charging Remote Control Current Events VPN Botnet Dark Web Managed Service Provider RAM Computer Care Staff Marketing Lead Generation Net Neutrality Data Management Google Maps Disaster Recovery News Battery Automation Microsoft Teams Gaming Console Websites Virtual Assistant Business Technology Customer Service Autocorrect Remote Computing Mobile Office Domains Managed IT Services Telecommuting G Suite Public Speaking Money Millennials Lithium-ion battery Google Drive Augmented Reality Network Attached Storage IT Support Hosted Solution Server Management Copy Cables Competition Big Data Fun VoIP Paste Voice over Internet Protocol Upgrade Conferencing Virtualization Machine Learning Scheduling eCommerce Emoji Search Server Telecommute Instagram Online Shopping Mobile Security Presentation Samsung Printing Laptop Unified Communications File Sharing 5G Operating System Wireless Technology Paper IBM User Tip Hacker User Security Spam Blocking Environment Ink Customer Relationship Management Tip of the week Windows 10 IP Address

Newsletter Sign Up