631-905-9617    Get SUPPORT

Suffolk Computer Consultants Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Suffolk Computer Consultants at 631-905-9617.

Are Your Printing Expenses Secretly Out of Control...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, January 24 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy Cloud Network Security Productivity Cybersecurity Malware User Tips Tech Term Managed IT Services Backup Smartphones Communications Microsoft Hardware Internet Passwords Communication Efficiency Hackers Ransomware Google Business Business Management Android Outsourced IT Hosted Solutions Email Small Business Software Browser Data Backup Mobile Device VoIP Data Recovery Wi-Fi IT Services IT Support Innovation Internet of Things Social Media Network Holiday Windows 10 Alert Cloud Computing Data Applications Save Money Collaboration Microsoft Office Smartphone Users Access Control Employer-Employee Relationship Miscellaneous Saving Money Wireless Mobile Devices Router Bandwidth Computer Password Business Intelligence Managed IT Services Apps Twitter Information Excel Data Management Office Word Phishing BDR Virtualization Automation Analytics Blockchain Workplace Tips VoIP Settings Patch Management Vulnerability Business Continuity Data Breach Marketing Gadgets Networking Government Paperless Office Remote Monitoring and Management Office 365 IT Support Tip of the week Remote Computing Cost Management Chrome Website Medical IT Workers Virus VPN Remote Monitoring Tech Terms Connectivity BYOD Law Enforcement Spam Mobility Managed Service Mobile Device Management Company Culture WiFi Cybercrime Virtual Assistant How To Politics Scam Compliance Wireless Charging Windows Battery Computers Physical Security Managed IT Service Data Protection Gmail Cortana Artificial Intelligence Productivity App Dark Web Facebook Hacking Retail Big Data Cleaning Printers IT Management Sports Voice over IP Update Maintenance Inventory Remote Control User Security Access Edge Threat Microsoft Office 365 Work/Life Balance CrashOverride Dongle G Suite Hosted Solution Healthcare Specifications Managed IT Telecommute Movies Certification Processors Value Analysis Upgrade Botnet eCommerce Outlook Antivirus Office Tips Automobile Lead Generation Mobile Security Spam Blocking Business Technology Laptop Printing Telecommuting Authentication Bring Your Own Device Copy Apple Amazon Data Security Multi-Factor Security Conferencing GDPR Phone System Data loss Unified Communications News Education Smart Technology Spyware Hard Drives Network Attached Storage Streaming Media Licensing Online Shopping Profitability Operating System Email Management Sales SaaS Paper Millennials Authorization Technology Tips Hybrid Cloud Paste iPhone HP Database Content Filtering Storage Two-factor Authentication Server Staff RAM Telephone System Training Tablet Staffing Server Management Downloads Travel Eliminating Downtime Google Maps WannaCry Environment Ink Backup and Disaster Recovery Plug-In Document Management Tactics Error Tech Support Gadget Websites Microsoft Teams Cables Security Cameras Information Technology Knowledge Trends Live Streaming Wireless Internet Safety HIPAA e-waste Printer Server IT budget PowerPoint Files Telephony Troubleshooting Spotify SSD Telephone Systems File Sharing Proactive IT Biometrics Digital Internet Explorer User Tip Touchscreen Shortcut Managing Stress Remote Support Voice over Internet Protocol Wearables Entertainment Google Drive Comparison Reporting Recovery Hiring/Firing Machine Learning A.I. WhatsApp Help Desk Disaster Recovery Hard Drive disposal IP Address Employer Employee Relationship Leadership Fun Current Events Customer Service Freedom of Information Computer Care Emergency Mobile Office Domains Personal Information Net Neutrality Encryption Yahoo Windows 10 Gaming Console Public Speaking Search Scalability Vendor Management Presentation Video Games Autocorrect Lithium-ion battery Synergy Augmented Reality IaaS Quick Tips Worker Avoiding Downtime Credit Cards Scheduling Wireless Technology 5G Television Dark Data Regulation IBM Emoji Samsung The Internet of Things HaaS Managed Service Provider Hacker Printer DDoS Budget Instagram Customer Relationship Management Money Competition Unified Threat Management

Newsletter Sign Up