631-905-9617    Get SUPPORT

Suffolk Computer Consultants Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Suffolk Computer Consultants at 631-905-9617.

Are Your Printing Expenses Secretly Out of Control...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, October 19 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Business Computing Technology Best Practices Cloud Privacy Cybersecurity Network Security Managed IT Services Malware Tech Term Communications Microsoft Productivity Backup Smartphones Passwords Communication Hosted Solutions Hackers Hardware Outsourced IT Email Small Business Software Ransomware Browser User Tips Business Business Management Google Internet VoIP Android Efficiency Wi-Fi Save Money Alert Social Media Router Applications Computer Data Collaboration Twitter Microsoft Office Smartphone Innovation Bandwidth Data Backup Miscellaneous Saving Money Employer-Employee Relationship Data Recovery Windows 10 Cloud Computing Business Intelligence Settings Patch Management Mobile Device Workplace Tips Vulnerability Password BDR Internet of Things Excel Apps IT Support Office Blockchain Gadgets Network Access Control Government Automation Analytics Users IT Services VoIP Data Management Phishing Data Breach Managed IT Services Virtualization Mobile Devices Gmail Scam Retail Tech Terms Compliance Dark Web Battery VPN Workers Cortana Virtual Assistant Productivity Marketing Tip of the week Remote Computing Chrome App Virus Hacking Company Culture Word Paperless Office Computers Politics Website Office 365 Cost Management IT Support Information Artificial Intelligence How To Windows Remote Monitoring Spam Law Enforcement Networking Wireless Wireless Charging Holiday Business Continuity Mobile Device Management Physical Security Managed IT Service WiFi Cybercrime Data Protection Entertainment Biometrics Authorization Edge Threat Two-factor Authentication Facebook Shortcut Dongle G Suite Disaster Recovery Storage Processors Value Live Streaming Recovery Telecommute Movies Knowledge Server Mobile Security Files Telephony Google Maps Cleaning Printers Connectivity Telephone Systems File Sharing Maintenance Lead Generation User Tip Access Laptop Printing Tech Support Remote Support CrashOverride Plug-In Bring Your Own Device Error Spyware WhatsApp Cables Data loss Unified Communications Safety Google Drive Comparison Operating System Voice over IP Network Attached Storage Streaming Media Remote Control User Security Antivirus Spotify BYOD Troubleshooting Paper Hosted Solution Proactive IT Technology Tips Hybrid Cloud Education Smart Technology Touchscreen HP Database Phone System Voice over Internet Protocol Staff RAM Specifications Reporting WannaCry Environment Big Data eCommerce Server Management Downloads Spam Blocking Business Technology Hiring/Firing Telecommuting SaaS Update Ink Copy Apple Remote Monitoring and Management Backup and Disaster Recovery Microsoft Office 365 Document Management Tactics News Websites Microsoft Teams Multi-Factor Security Conferencing Work/Life Balance Medical IT HIPAA e-waste Licensing Online Shopping Staffing Trends Email Management Sales Managed IT Millennials Office Tips Automobile Outlook IT budget PowerPoint Paste iPhone Botnet Analysis SSD Content Filtering Information Technology Authentication Digital Internet Explorer Telephone System Gadget Amazon Managing Stress GDPR Hard Drive disposal Travel Machine Learning A.I. Tablet Printer Server IT Management Sports Hard Drives Managed Service Inventory Search Presentation Unified Threat Management Lithium-ion battery Vendor Management Augmented Reality Autocorrect Avoiding Downtime Leadership Quick Tips Current Events Wireless Technology 5G IBM Dark Data Scheduling Regulation The Internet of Things Samsung Computer Care Hacker Personal Information Budget Managed Service Provider Net Neutrality Customer Relationship Management DDoS Competition Instagram Emergency Gaming Console IP Address Money Employer Employee Relationship Customer Service Fun Scalability Upgrade Freedom of Information Video Games Mobile Office Synergy IaaS Worker Domains Television Credit Cards Windows 10 Yahoo Encryption Emoji HaaS Printer Public Speaking

Newsletter Sign Up