888.678.7282    Get SUPPORT

Strata Information Technology Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Strata Information Technology at 888.678.7282.

Tip of the Week: How to Use PowerPoint More Effici...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, January 16 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Business Computing Best Practices Managed IT Services Privacy Cloud Network Security Internet Malware Hackers Cybersecurity Tech Term Communications Ransomware Backup User Tips Software Productivity Business Management Outsourced IT VoIP IT Support Microsoft Smartphones Efficiency Productivity Passwords Alert Data Recovery IT Services Browser Network Google Data Backup Social Media Business Windows 10 Hardware Email Data Communication Small Business Mobile Device Smartphone Cloud Computing Microsoft Office Phishing Holiday Users Save Money Hosted Solutions Apps Data Breach Collaboration Android Vulnerability App Miscellaneous Bandwidth Saving Money Twitter Internet of Things Access Control Business Continuity BDR Compliance Workers Workplace Tips Blockchain Employer-Employee Relationship Patch Management Office 365 Remote Monitoring Scam Innovation Excel Company Culture Settings Cybercrime Politics Government Wireless Networking Mobile Device Management Wi-Fi Computer Applications Law Enforcement How To Maintenance Password Marketing Retail Office Education Personal Information BYOD Website Computers Vendor Management Automation SaaS Spam Managed IT Service Windows Dark Web Managing Stress Chrome Mobile Devices Virus Information Word Remote Monitoring and Management Entertainment Facebook Virtual Assistant Connectivity Recovery Antivirus Managed IT Cleaning Printers Technology Efficiently Bring Your Own Device Safety iPhone VPN Leadership The Internet of Things Access Data loss Hiring/Firing Employer Employee Relationship Current Events Shortcut Telephone System WannaCry HP Botnet Sales Error Streaming Media Gadgets Budget Travel Help Desk Regulation Encryption Computer Care Physical Security Outlook Technology Tips Hybrid Cloud Battery Data Management WiFi Router Content Filtering Troubleshooting Staff RAM Automobile Net Neutrality CrashOverride HIPAA Document Management Database Disaster Recovery Tablet Touchscreen Downloads Live Streaming Certification Synergy Reporting Gaming Console Files Managed Service Backup and Disaster Recovery Cables Yahoo Telephone Systems Data Protection Tactics Upgrade Analytics Gmail VoIPMyths Websites Microsoft Teams Remote Support Hard Drive Plug-In Paperless Office Knowledge Microsoft Office 365 Artificial Intelligence Trends Hard Drives Scalability Phone System WhatsApp Wireless Charging Mobility e-waste Medical IT IT budget PowerPoint Video Games Google Maps Profitability SSD Voice over Internet Protocol DDoS Remote Control Digital Internet Explorer IaaS VoIPSavings Worker Processors Proactive IT Television Information Technology Comparison Authentication A.I. Avoiding Downtime Credit Cards Lead Generation Training disposal Dark Data GDPR IT Management Sports Two-factor Authentication Staffing Emergency Telephony Eliminating Downtime Inventory Smart Technology Edge Threat HaaS Printer Server Update Dongle Cortana Printer Apple Biometrics Multi-Factor Security Specifications Authorization Movies Gadget News Security Cameras Spyware Value Unified Threat Management Email Management Business Intelligence Storage Tech Terms Managed Service Provider Cost Management Tech Support Licensing Voice over IP Wireless Internet Amazon Laptop Printing IBM Remote Computing Conferencing Quick Tips Unified Communications Hacker Wearables Network Attached Storage eCommerce Operating System Paper Fun Customer Relationship Management Telecommuting Competition Big Data IP Address Healthcare Server Management Online Shopping Environment Ink Customer Service Millennials Hosted Solution Autocorrect Virtualization Mobile Office Domains Google Drive Search Scheduling IT Support Copy File Sharing User Tip Server Windows 10 Public Speaking Machine Learning VoIP Emoji Paste User Security Instagram Presentation Spam Blocking Money Tip of the week G Suite Samsung Lithium-ion battery Augmented Reality Telecommute Wireless Technology 5G Business Technology Managed IT Services Mobile Security

Newsletter Sign Up