888.678.7282    Get SUPPORT

Strata Information Technology Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Strata Information Technology at 888.678.7282.

Tip of the Week: How to Use PowerPoint More Effici...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, August 21 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Business Computing Technology Privacy Managed IT Services Best Practices Cloud Communications Cybersecurity Malware Ransomware Backup Hackers Smartphones Outsourced IT Internet VoIP Network Security Productivity Software Tech Term Alert Business Management Social Media Passwords IT Support Phishing Business Hardware Save Money Microsoft Data Data Breach Vulnerability IT Services Android Network Google App Data Backup Twitter Windows 10 Email Hosted Solutions Communication Small Business Data Recovery Microsoft Office Smartphone Workers Office 365 User Tips Settings Miscellaneous Employer-Employee Relationship Saving Money Remote Monitoring Scam Excel Company Culture Bandwidth Cybercrime Politics Mobile Device Management Government Internet of Things Computer Compliance Business Continuity BDR Apps Cloud Computing Productivity Law Enforcement Blockchain Patch Management Browser Holiday Retail Office Collaboration Users Innovation Computers Website Education Personal Information Vendor Management Automation Managed IT Service Spam Chrome SaaS Dark Web Networking Managing Stress Access Control Virus Efficiency Windows Word Wi-Fi Virtual Assistant Applications How To Entertainment Facebook Recovery Antivirus Maintenance Password Mobile Device Reporting Tablet Downloads Live Streaming Cables Plug-In Telephone Systems Data Protection Encryption Computer Care Files Battery Data Management Backup and Disaster Recovery Remote Support Hard Drive Paperless Office Tactics BYOD Gmail Automobile Websites Microsoft Teams Net Neutrality CrashOverride Synergy e-waste Disaster Recovery Medical IT Knowledge Artificial Intelligence Trends WhatsApp Wireless Charging SSD Voice over Internet Protocol Proactive IT Remote Control IT budget PowerPoint Gaming Console Yahoo Processors Digital Internet Explorer Analytics Wireless Lead Generation disposal GDPR Comparison Hard Drives A.I. Scalability Phone System Inventory Information Remote Monitoring and Management IT Management Sports Video Games Google Maps Emergency Mobile Devices Telephony DDoS Two-factor Authentication Apple Edge Threat IaaS Dongle Worker News Dark Data Spyware Value Television Information Technology Storage Multi-Factor Security Specifications Avoiding Downtime Movies Credit Cards Amazon Smart Technology Email Management Tech Terms Connectivity Staffing Licensing Voice over IP Tech Support iPhone HaaS Printer Server Cortana Bring Your Own Device Printer Telephone System WannaCry Unified Threat Management HP Biometrics Safety Data loss Gadget Workplace Tips Business Intelligence Regulation Marketing Sales Managed Service Provider Cost Management Streaming Media The Internet of Things Travel Gadgets Budget WiFi Managed IT Cleaning Printers Physical Security Technology Tips Hybrid Cloud HIPAA Botnet VPN Document Management Database Leadership Access Router Content Filtering Hiring/Firing Employer Employee Relationship Staff RAM Current Events Shortcut Environment IP Address Server Management Big Data Online Shopping Fun Ink Millennials Customer Service Google Drive Mobile Office Upgrade Hosted Solution File Sharing Domains IT Support Autocorrect User Tip Virtualization Machine Learning Copy Spam Blocking User Security Search Scheduling Public Speaking Presentation Tip of the week Server G Suite Windows 10 Emoji Lithium-ion battery Telecommute VoIP Mobile Security Paste Business Technology Instagram Augmented Reality Money Laptop Printing Wireless Technology 5G Remote Computing Samsung IBM Error Conferencing Unified Communications Operating System Hacker Network Attached Storage Managed IT Services eCommerce Paper Telecommuting Customer Relationship Management Competition

Newsletter Sign Up