631-905-9617    Get SUPPORT

Suffolk Computer Consultants Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Suffolk Computer Consultants at 631-905-9617.

Are Your Printing Expenses Secretly Out of Control...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, August 22 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Best Practices Business Computing Technology Privacy Cloud Cybersecurity Managed IT Services Malware Communications Tech Term Backup Network Security Smartphones Hardware Microsoft Hackers Ransomware Business Business Management Outsourced IT Passwords Communication Hosted Solutions Software Save Money Productivity Social Media Google VoIP Android Wi-Fi Alert Email Small Business Twitter Microsoft Office Smartphone Employer-Employee Relationship Data Backup Internet Router Computer Data Recovery Data Business Intelligence Applications BDR Collaboration Browser IT Support Government Innovation Blockchain Excel IT Services Internet of Things User Tips Miscellaneous Office Saving Money Data Management Network Phishing Automation Analytics Mobile Devices Virtualization VoIP Bandwidth Windows 10 Cloud Computing Password Patch Management Data Breach Apps Settings Efficiency Vulnerability Gadgets Retail App Dark Web Hacking Virtual Assistant Office 365 Website Paperless Office Workers Chrome VPN Tip of the week Remote Computing Compliance Cost Management Virus IT Support Access Control Computers Spam Remote Monitoring Wireless Word Law Enforcement Company Culture Mobile Device Management Artificial Intelligence Holiday Politics Networking WiFi Cybercrime How To Scam Windows Wireless Charging Managed IT Service Data Protection Information Physical Security Business Continuity Managed IT Services Battery Gmail Cortana Productivity Tech Terms Files Telephony Bring Your Own Device Facebook Shortcut Telephone Systems File Sharing Laptop Printing Amazon Entertainment Biometrics GDPR Spotify Recovery Remote Support Spyware Disaster Recovery User Tip Data loss Unified Communications Managed Service Cleaning Printers Big Data WhatsApp Operating System Maintenance Google Drive Comparison Network Attached Storage Streaming Media Voice over IP Technology Tips Hybrid Cloud Users CrashOverride Remote Control User Security Paper Workplace Tips Hiring/Firing Access Storage Hosted Solution HP Database Staff RAM Work/Life Balance WannaCry Environment Antivirus Specifications Server Management Downloads BYOD eCommerce Backup and Disaster Recovery Spam Blocking Business Technology Ink Plug-In Managed IT Microsoft Teams Office Tips Automobile Phone System Copy Apple Document Management Tactics Cables Botnet Education Smart Technology Telecommuting Websites News HIPAA e-waste Multi-Factor Security Conferencing Trends SaaS Licensing Online Shopping SSD Email Management Sales IT budget PowerPoint Proactive IT Managing Stress Two-factor Authentication Paste iPhone Digital Internet Explorer Voice over Internet Protocol Hard Drives Millennials Reporting Staffing Telephone System Hard Drive disposal Content Filtering Machine Learning A.I. Server Travel Inventory Tablet IT Management Sports Remote Monitoring and Management Dongle G Suite Google Maps Gadget Tech Support Edge Threat Information Technology Medical IT Processors Value Safety Telecommute Movies Analysis Printer Server Live Streaming Lead Generation Mobile Security Marketing Knowledge Connectivity Samsung Budget Customer Relationship Management Managed Service Provider Unified Threat Management Competition Instagram DDoS IP Address Current Events Money Leadership Employer Employee Relationship Customer Service Computer Care Upgrade Fun Mobile Office Domains Emergency Freedom of Information Net Neutrality Personal Information Error Regulation Gaming Console Windows 10 Public Speaking Yahoo Encryption Scalability Presentation Video Games Search Mobile Device Synergy Lithium-ion battery Vendor Management IaaS Augmented Reality Worker Credit Cards Autocorrect Television Wireless Technology 5G Avoiding Downtime IBM Emoji Scheduling HaaS The Internet of Things Dark Data Printer Hacker

Newsletter Sign Up