(403) 210-2927    Get SUPPORT

OnSite I.T. Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to OnSite I.T. at (403) 210-2927.

Are Your Printing Expenses Secretly Out of Control...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, March 25 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security Privacy User Tips Productivity Tech Term Smartphones Microsoft Google Efficiency Internet Communication Data Hardware Cloud Email Passwords Cybersecurity Malware Users Innovation Mobile Device IT Support Mobile Devices Browser Windows 10 Android Ransomware Business Wi-Fi Communications Small Business Software Collaboration Network Business Management IT Services Backup Saving Money Data recovery Wireless Workplace Tips Outsourced IT Internet of Things Hosted Solutions Managed IT Services Data Backup Hackers Applications Holiday Managed IT services Cloud Computing Blockchain Social Media VoIP Networking Business Intelligence Marketing Smartphone Information Employer-Employee Relationship Data Breach Office 365 Medical IT Patch Management VPN Cost Management BDR Miscellaneous Excel Router Virtualization Gmail Chrome Facebook Save Money Managed Service Remote Computing Data Management Government Managed IT Service Computers Analytics Compliance Wireless Charging Automation Tech Terms Computer Cortana Connectivity Artificial Intelligence Paperless Office Apps Access Control Data Protection Mobility Microsoft Office Virtual Assistant G Suite Bandwidth Remote Monitoring and Management Password Phishing Data Security Bring Your Own Device Laptop SSD Training PowerPoint Edge Wireless Internet Internet Explorer Analysis Sales Settings Cryptocurrency RAM Authorization Update Database Amazon eCommerce IT Management Personal Information Upgrade Trends Spyware Environment Hybrid Cloud Security Cameras Sports SaaS Hard Drives Comparison WannaCry Telecommute Help Desk Threat Tablet Battery Server Management Spam Microsoft Teams How To Outlook Cybercrime User Security E-Commerce A.I. Touchscreen Server HP Websites e-waste Cables Twitter Word GDPR Specifications HIPAA Data loss Technology Tips Business Continuity Printing Knowledge Time Management Company Culture Apple Telecommuting Document Management Profitability Tactics Plug-In Payment Movies Microsoft Office 365 disposal Voice over Internet Protocol Law Enforcement Telephony IT budget Inventory Wearables Storage Conferencing Hard Drive Virus Workers Certification Paper Lead Generation Chrome OS Managing Stress iPhone Dongle Eliminating Downtime Safety Proactive IT Business Technology Online Shopping Network Attached Storage instant Messaging Tip of the week Value Voice over IP Mobile Security Healthcare Streaming Media Dark Web Office Processors Antivirus Millennials Physical Security Backup and Disaster Recovery Ink Reporting Machine Learning Gadgets Digital BYOD Maintenance Vulnerabilities Unified Communications Authentication User Tip File Sharing Operating System Big Data Downloads Error Content Filtering Vulnerability Staff Troubleshooting Website Remote Monitoring Customer Service Mobile Office Domains Search Windows 7 Quick Tips Mobile Device Management Windows 10 Public Speaking Presentation Two-factor Authentication Lithium-ion battery Augmented Reality Disaster Recovery Wireless Technology 5G Regulation Managed Service Provider Tech Support Alert IBM Hacker The Internet of Things Productivity Hiring/Firing Printers Net Neutrality Budget Competition Fun Customer Relationship Management IP Address