888.678.7282    Get SUPPORT

Strata Information Technology Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Strata Information Technology at 888.678.7282.

Tip of the Week: How to Use PowerPoint More Effici...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, October 23 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Business Computing Technology Managed IT Services Privacy Best Practices Cloud Cybersecurity Internet Network Security Malware Hackers Communications Ransomware Backup VoIP Tech Term Alert Smartphones Outsourced IT Microsoft Passwords Productivity Software Browser Business Management Social Media Business Communication IT Support Productivity Phishing User Tips Google Windows 10 Hardware Efficiency Save Money Hosted Solutions Email Data Small Business Cloud Computing Microsoft Office Smartphone Data Breach Vulnerability IT Services Users Android Miscellaneous Network Saving Money App Bandwidth Data Backup Twitter Internet of Things Data Recovery Workplace Tips Law Enforcement Blockchain Mobile Device Patch Management Workers Office 365 Innovation Collaboration Settings Employer-Employee Relationship Remote Monitoring Scam Excel Company Culture Cybercrime Politics Access Control Government Mobile Device Management Computer Compliance Business Continuity BDR Apps Recovery Marketing Antivirus Maintenance Password Retail Holiday Website Computers Office Education Personal Information Vendor Management Automation Managed IT Service Chrome SaaS Spam Dark Web Networking Managing Stress Virus Windows Word Wi-Fi Virtual Assistant How To Applications Entertainment Facebook Business Intelligence The Internet of Things Regulation Sales Managed Service Provider Cost Management Streaming Media Outlook Travel WiFi Managed IT Cleaning Printers Gadgets Budget Troubleshooting Physical Security Technology Tips Hybrid Cloud Botnet VPN Document Management Database Leadership Access Touchscreen Router Content Filtering Hiring/Firing Employer Employee Relationship Staff RAM Current Events Shortcut HIPAA Reporting Tablet Downloads Live Streaming Plug-In Telephone Systems Data Protection Encryption Computer Care VoIPMyths Files Battery Data Management Backup and Disaster Recovery Cables Hard Drive Paperless Office Tactics BYOD Microsoft Office 365 Gmail Automobile Websites Microsoft Teams Net Neutrality CrashOverride Remote Support e-waste Disaster Recovery Medical IT Knowledge Artificial Intelligence Trends WhatsApp Wireless Charging Synergy Proactive IT Remote Control IT budget PowerPoint Gaming Console VoIPSavings Yahoo SSD Voice over Internet Protocol Processors Digital Internet Explorer Analytics Authentication Wireless disposal GDPR Comparison Hard Drives A.I. Scalability Phone System Lead Generation Mobile Devices Remote Monitoring and Management IT Management Sports Video Games Google Maps Update Emergency Telephony DDoS Inventory Information Apple Edge Threat IaaS Two-factor Authentication Authorization Dongle Worker Spyware Value Television Information Technology Storage Multi-Factor Security Specifications Avoiding Downtime Movies Credit Cards News Dark Data Smart Technology Email Management Tech Terms Connectivity Staffing Technology Efficiently Licensing Voice over IP Amazon iPhone HaaS Printer Server Tech Support Cortana Bring Your Own Device Printer Unified Threat Management HP Biometrics Error Data loss Gadget Safety Telephone System WannaCry Network Attached Storage Managed IT Services Hacker eCommerce Operating System Paper Telecommuting Customer Relationship Management Competition Environment Big Data Server Management IP Address Managed Service Online Shopping Fun Ink Millennials Customer Service Upgrade Google Drive Mobile Office Domains File Sharing IT Support Hosted Solution Autocorrect User Tip Virtualization Machine Learning Copy Public Speaking Spam Blocking User Security Search Scheduling Tip of the week Server G Suite Windows 10 Presentation Telecommute VoIP Lithium-ion battery Emoji Paste Augmented Reality Business Technology Instagram Mobile Security Money Laptop Printing Quick Tips Remote Computing Samsung Wireless Technology 5G IBM Conferencing Unified Communications

Newsletter Sign Up