631-905-9617    Get SUPPORT

Suffolk Computer Consultants Blog

Suffolk Computer Consultants has been serving the Speonk area since 2013, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Suffolk Computer Consultants at 631-905-9617.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, June 18 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Best Practices Cloud Privacy Business Computing Technology Cybersecurity Malware Managed IT Services Network Security Backup Hardware Communications Business Microsoft Hackers Ransomware Outsourced IT Alert Wi-Fi Passwords Software Business Management Smartphones Android Email Productivity Save Money Tech Term Google Social Media VoIP Internet Computer Communication Twitter Smartphone Router Hosted Solutions Applications Small Business Employer-Employee Relationship Innovation Miscellaneous Excel Data Breach VoIP Business Intelligence Settings Microsoft Office Government IT Services Data Management Bandwidth Phishing Data Backup Mobile Devices Windows 10 Cloud Computing Password Patch Management Data Vulnerability Apps Office Collaboration Access Control User Tips Law Enforcement Virtualization Cybercrime Wireless WiFi Data Recovery Analytics Artificial Intelligence Wireless Charging Data Protection Battery Cortana Gmail Windows App Internet of Things VPN Hacking Remote Computing Cost Management Tip of the week Politics Office 365 Virus Website Remote Monitoring Blockchain Word Saving Money Holiday Spam Computers Business Continuity Scam Mobile Device Management How To Automation Efficiency Physical Security Workers Managed IT Services Productivity Gadgets Tech Terms Browser IT Support Paperless Office Retail BDR Chrome IT Support Specifications Managed IT Access Spyware Network Attached Storage eCommerce Automobile Office Tips Streaming Media Copy Technology Tips Apple Conferencing Multi-Factor Security BYOD Database HP Server Management Online Shopping Licensing Phone System Downloads Paste Backup and Disaster Recovery iPhone Server Content Filtering Tactics Document Management Facebook Travel Google Maps Trends SSD Disaster Recovery Cleaning Internet Explorer Digital Machine Learning Lead Generation Live Streaming Gadget A.I. Telephone Systems Inventory File Sharing User Tip Dark Web Marketing Printer Server Threat Edge Movies Telecommute Virtual Assistant WhatsApp Shortcut Remote Control Mobile Security Smart Technology Education User Security Laptop Work/Life Balance Printers Printing Unified Communications Data loss CrashOverride Botnet Spam Blocking Operating System Business Technology Telecommuting Paper RAM Staff News Email Management Environment WannaCry Hard Drives Sales Millennials Ink Microsoft Teams Websites Telephone System Two-factor Authentication e-waste HIPAA Entertainment Tablet IT budget Recovery Managed IT Service Staffing PowerPoint Networking Maintenance Tech Support Information Technology disposal Hard Drive Knowledge IT Management Spotify Telephony Safety Files Sports G Suite Dongle Antivirus Remote Support Google Drive Biometrics Value Processors Hiring/Firing Comparison Voice over IP Connectivity Company Culture Big Data Hosted Solution Users SaaS Scalability Emergency Upgrade Hybrid Cloud Synergy Encryption IaaS Credit Cards Windows 10 Emoji Search Mobile Device Vendor Management HaaS Presentation Unified Threat Management Scheduling Current Events Samsung 5G Wireless Technology IBM Managed Service Provider Computer Care Instagram Hacker Net Neutrality Customer Relationship Management Gaming Console IP Address Freedom of Information Customer Service Video Games Mobile Office Worker Yahoo Domains Television Printer Public Speaking Autocorrect Avoiding Downtime Lithium-ion battery Managing Stress Augmented Reality Dark Data Leadership DDoS The Internet of Things Money Budget Personal Information Network Employer Employee Relationship Competition Bring Your Own Device Fun

Newsletter Sign Up