888.678.7282    Get SUPPORT

Strata Information Technology Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Strata Information Technology at 888.678.7282.

Tip of the Week: How to Use PowerPoint More Effici...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, May 24 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Business Computing Best Practices Privacy Managed IT Services Network Security Cloud Internet Hackers Malware User Tips Communications Efficiency Microsoft Data Productivity Business Management Cybersecurity Outsourced IT Communication IT Support Ransomware Tech Term Backup Smartphones Business Windows 10 Hardware Passwords Software Innovation Google VoIP Email Mobile Device Users IT Services Network Social Media Small Business Productivity Alert Browser Smartphone Data Recovery Data Backup Bandwidth Apps Collaboration Miscellaneous Holiday Phishing Cloud Computing Save Money Hosted Solutions Microsoft Office Data Breach Office 365 Workplace Tips Saving Money Android App Internet of Things Mobile Devices Twitter Vulnerability Computer Business Continuity Access Control Law Enforcement Workers Office BDR Personal Information Net Neutrality Compliance Excel Employer-Employee Relationship Company Culture Blockchain Wireless Remote Monitoring Scam Politics Mobile Device Management Cybercrime Patch Management Wi-Fi Government Settings Applications Networking Facebook Chrome Gadgets Antivirus Telephony Value Word Remote Monitoring and Management Retail Connectivity Website Virtual Assistant BYOD How To Upgrade Education Automation SaaS Spam Vendor Management Healthcare Computers Windows Paperless Office Managed Service Voice over Internet Protocol Data Security Managing Stress Entertainment Managed IT Service Medical IT Dark Web Information Recovery Marketing Maintenance Password Virus Eliminating Downtime Leadership Access Emergency Spyware Managed Service Provider GDPR Cost Management Time Management Current Events Shortcut Movies Update Amazon Managed IT Payment Apple Tech Terms Hiring/Firing Authorization Employer Employee Relationship Employees Multi-Factor Security Specifications Bring Your Own Device Botnet Security Cameras Computer Care VPN News Wireless Internet Licensing Voice over IP HP Customer Service Storage Email Management CrashOverride Data loss Battery Technology Efficiently Data Management Disaster Recovery Encryption instant Messaging iPhone Streaming Media Automobile Solid State Drive Technology Tips Hybrid Cloud Gaming Console Telephone System WannaCry Staff RAM Help Desk Synergy Analytics Travel Document Management Database Error Human Resources Sales Outlook Yahoo Physical Security Regulation Vulnerabilities Scalability Phone System WiFi Downloads Troubleshooting Hard Disk Drive Router Content Filtering Backup and Disaster Recovery Cables Video Games Google Maps HIPAA Tablet Websites Microsoft Teams Certification IaaS Live Streaming Tactics Two-factor Authentication Hard Drives Touchscreen Employee-Employer Relationship Worker DDoS Television Information Technology Files e-waste Reporting Cryptocurrency Credit Cards Telephone Systems Data Protection Artificial Intelligence Trends VoIPMyths Video Smart Technology Gmail SSD Plug-In Staffing Remote Support Hard Drive IT budget PowerPoint Printer Knowledge Dark Data Mobility HaaS Printer Server WhatsApp Wireless Charging Digital Internet Explorer Tech Support Microsoft Office 365 Avoiding Downtime Electronic Health Records Profitability Biometrics disposal Remote Control Gadget A.I. Safety Cortana VoIPSavings Business Intelligence Inventory The Internet of Things Proactive IT E-Commerce Processors IT Management Sports Health Comparison Dongle Training Cleaning Unified Threat Management Printers Lead Generation Edge Threat Budget Authentication Customer Relationship Management Spam Blocking User Security Telecommute Competition Tip of the week Mobile Security Big Data IP Address Laptop Printing Unified Communications Chrome OS Business Technology Remote Computing Operating System Fun Network Attached Storage Mobile Office Quick Tips Hosted Solution Conferencing Domains Wearables Paper eCommerce Telecommuting Environment Server Management Virtualization Copy Public Speaking Autocorrect Ink Presentation Online Shopping Windows 10 Millennials Search Scheduling VoIP Lithium-ion battery Server Paste Augmented Reality Google Drive Wireless Technology 5G Emoji IT Support IBM Instagram Windows 7 File Sharing Machine Learning Samsung OneNote User Tip Money Managed IT Services Hacker G Suite

Newsletter Sign Up