631-905-9617    Get SUPPORT

Suffolk Computer Consultants Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Suffolk Computer Consultants at 631-905-9617.

Are Your Printing Expenses Secretly Out of Control...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, May 26 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy Cloud Network Security Productivity User Tips Cybersecurity Microsoft Communication Efficiency Malware Google Communications Smartphones Hardware Business Internet Managed IT Services Data Tech Term Hackers Innovation Backup Outsourced IT Email Passwords Business Management Mobile Device Windows 10 Small Business Software Ransomware Android Hosted Solutions IT Support Browser Users Network Data Backup Social Media Bandwidth Data Recovery Mobile Devices VoIP Wi-Fi Applications Smartphone Managed IT Services IT Services Apps Collaboration Miscellaneous Save Money Alert Cloud Computing Computer Microsoft Office Gadgets Internet of Things Holiday Office Router Saving Money Wireless Password Twitter Business Intelligence Employer-Employee Relationship Workplace Tips Chrome Access Control Office 365 Word Automation Analytics VoIP Networking Information Patch Management Settings Gmail Data Breach Government Vulnerability Business Continuity Paperless Office BDR Data Management Marketing Managed Service Phishing Blockchain Excel Virtualization Website WiFi Cybercrime Compliance Net Neutrality Scam Computers BYOD Upgrade Company Culture Artificial Intelligence Politics Spam Battery How To Mobile Device Management Cortana Voice over Internet Protocol Wireless Charging Remote Monitoring and Management Data Protection Windows App Physical Security Managed IT Service G Suite Hacking Healthcare Value Medical IT Telephony Tech Terms Connectivity Facebook Cost Management Data Security IT Support Dark Web Mobility Productivity Retail Virtual Assistant Remote Monitoring Law Enforcement Tip of the week Remote Computing Virus VPN Workers eCommerce WannaCry Environment Antivirus Time Management Spam Blocking Business Technology Server Management Downloads Hard Drives Eliminating Downtime Backup and Disaster Recovery Plug-In Payment Copy Apple Ink Customer Service Personal Information Telecommuting Phone System Server Cables Security Cameras News Document Management Tactics Education Smart Technology Error Employees Multi-Factor Security Conferencing Websites Microsoft Teams Wireless Internet Licensing Online Shopping HIPAA e-waste Google Maps Chrome OS Email Management Sales Trends SSD Proactive IT instant Messaging Paste iPhone IT budget PowerPoint SaaS Troubleshooting Millennials Managing Stress Wearables Telephone System Digital Internet Explorer Touchscreen Solid State Drive Content Filtering Help Desk Travel Hard Drive disposal Reporting Human Resources Tablet Machine Learning A.I. Staffing Inventory Spotify Vulnerabilities IT Management Sports Two-factor Authentication Update Dongle Gadget Edge Threat Information Technology Microsoft Office 365 Hard Disk Drive Hiring/Firing Certification Live Streaming Processors Employee-Employer Relationship Knowledge Telecommute Movies Lead Generation Mobile Security Analysis Cryptocurrency Telephone Systems File Sharing Tech Support Printer Server Outlook Files Bring Your Own Device Safety Shortcut Work/Life Balance Amazon Remote Support Laptop Printing Entertainment Biometrics Authentication Video User Tip Managed IT WhatsApp Spyware Disaster Recovery GDPR Electronic Health Records Google Drive Comparison Data loss Unified Communications Recovery Voice over IP Operating System Maintenance Office Tips Automobile Remote Control User Security Network Attached Storage Streaming Media Cleaning Printers Botnet Profitability Technology Tips Hybrid Cloud CrashOverride E-Commerce Hosted Solution Paper Access Authorization Training HP Database Big Data Storage Health Specifications Staff RAM Emergency Computer Care Search Quick Tips Mobile Office Vendor Management Domains Regulation Gaming Console Autocorrect Avoiding Downtime Scalability Scheduling Windows 10 Dark Data Public Speaking Synergy Samsung Video Games Presentation Worker IaaS Managed Service Provider Lithium-ion battery Credit Cards Instagram Television DDoS Money Emoji Augmented Reality Wireless Technology 5G Printer Employer Employee Relationship HaaS IBM Fun The Internet of Things Unified Threat Management Freedom of Information Hacker Windows 7 Budget Competition Current Events Customer Relationship Management Leadership OneNote Encryption Yahoo IP Address

Newsletter Sign Up