Out of the Box Solutions Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Out of the Box Solutions at 800-750-4OBS (4627).

Are Your Printing Expenses Secretly Out of Control...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, March 23 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security User Tips Privacy Productivity Tech Term Microsoft Smartphones Communication Internet Data Efficiency Hardware Email Cybersecurity Google Mobile Devices Passwords Windows 10 IT Support Innovation Cloud Mobile Device Browser Android Malware Business Management Small Business Collaboration IT Services Communications Ransomware Users Network Saving Money Managed IT Services Wi-Fi Data recovery Internet of Things Business Wireless Hackers Holiday Software Workplace Tips Managed IT services Data Backup Applications Outsourced IT Backup Hosted Solutions Social Media Information Networking Employer-Employee Relationship VoIp Marketing Cloud Computing Business Intelligence Blockchain BDR Patch Management G Suite Remote Computing Computer Data Management Remote Monitoring and Management Computers Office 365 Tech Terms Save Money Cortana Microsoft Office Access Control Connectivity Automation Medical IT Facebook Gmail Paperless Office Smartphone Apps Artificial Intelligence Bandwidth Virtual Assistant Password Cost Management Analytics Managed Service Mobility Wireless Charging Data Security Managed IT Service Compliance Virtualization VPN Sports Personal Information WannaCry Server Management e-waste Outlook Big Data Excel Security Cameras Server Data Protection RAM Edge Virus Safety Threat Business Continuity Settings Hard Drives Trends Office Microsoft Office 365 HP Tactics Storage E-Commerce HIPAA disposal Bring Your Own Device Telecommuting Profitability Printing Knowledge Reporting Word Mobile Security Microsoft Teams Tip of the week Miscellaneous Antivirus Phishing Upgrade IT budget SSD A.I. Content Filtering Time Management Document Management Telecommute Comparison Dark Web Payment Hard Drive Value Hybrid Cloud Amazon Eliminating Downtime Physical Security Dongle Paper Telephony Wearables Lead Generation Network Attached Storage Operating System Company Culture User Tip Staff Data Breach Analysis Certification Battery Movies Authentication Chrome Maintenance eCommerce Laptop Technology Tips Specifications Error instant Messaging Processors Cables Workers BYOD Ink Voice over IP SaaS Healthcare Managing Stress Troubleshooting Sales Twitter Gadgets Authorization Chrome OS Digital Data loss Router Online Shopping Streaming Media Vulnerabilities Vulnerability Machine Learning Database Voice over Internet Protocol Millennials Plug-In Wireless Internet Government PowerPoint GDPR Environment Update Tablet Training IT Management Inventory Unified Communications Spam Websites Internet Explorer Help Desk Backup and Disaster Recovery Downloads Conferencing Touchscreen Cryptocurrency Spyware Cybercrime Business Technology Proactive IT Regulation Disaster Recovery Windows 7 Alert Printers Quick Tips Net Neutrality