croom new

Eclipse Integrated Systems Blog

There’s a New Internet Explorer Zero-Day Threat in Town

There’s a New Internet Explorer Zero-Day Threat in Town

Have you ever heard the phrase zero-day threat? Basically, they are the scariest threats out there, because they are unaddressed and unresolved by the software developer, all while being actively exploited in the wild. This effectively gives the developer zero days to address the issue before it becomes a problem. Today, one of the most dangerous threats of the zero-day variety takes advantage of a weakness in Internet Explorer - but there is now a patch for it.

This threat is called the Double Kill Internet Explorer vulnerability, and it was found by Chinese developers from a computer security company called Qihoo 360 Core Security. Unfortunately, they have been relatively quiet about what the specifics of this double-kill IE bug really are. This makes it much more difficult to address and identify, as identifying the warning signs can become nigh-impossible. After all, if you don’t know anything about the threat, how can you protect your business from it?

This threat uses Word documents to spread, leveraging a flaw in the Windows VBScript engine. When the Word document is opened, Internet Explorer is also opened in the background, triggering a download for an executable file. This vulnerability is designed to operate in the background without notifying the user in any way. The downloaded executable file will install a Trojan horse malware on the device, allowing the hacker to infiltrate the system at a later date without the user’s knowledge.

While we know what the threat is, there is still a lot more that we don’t know about it for sure. Professionals aren’t sure if all Word documents are affected, or if the threat needs Microsoft Office specifically installed on the device in order for the vulnerability to take root. No one even knows what role Internet Explorer plays in the attack either, or if the documents that initiate the attack are identifiable.

The only way to optimize your security against zero-day threats is to ensure that you keep best practices in mind at all times.

To get started thinking about how you can protect your business from an unknown threat, be sure to consider the basics. For one, you should never download a file from an unexpected sender. You might get emails from suspicious addresses claiming to be resumes, receipts, or other documents that your business might find useful. You can never know for sure if you’re putting your business in danger by downloading these files, so it’s best to err on the side of caution and bolster your defenses with enterprise-level security solutions. It’s especially important that you do this as soon as possible, as you never know what new types of threats will be made apparent on a daily basis.

To learn more about how your organization can protect its assets and ensure security, reach out to Eclipse Integrated Systems at 800-340-0505.

Tip of the Week: How to Use PowerPoint More Effici...
Tip of the Week: Working with Your Router for Bett...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, January 22 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Technology Best Practices Privacy Business Computing Cloud Network Security Internet Google Hackers User Tips Malware Productivity Business Management Software Microsoft Tech Term Efficiency Hosted Solutions Innovation Computer Backup Windows 10 Browser Business Apps Cybersecurity Email Productivity Managed IT Services Smartphones Mobile Devices Smartphone Internet of Things Saving Money Data Recovery Windows Data Backup Hardware Communication Small Business Android Virtualization Cybercrime VoIP Collaboration Holiday Business Continuity Workplace Tips Mobility communications Operating System Law Enforcement Microsoft Office Data Security Wireless Disaster Recovery Network Ransomware Passwords Mobile Device IT Support Data IT Support Users Cloud Computing Miscellaneous IT Services Gadgets Outsourced IT Phishing Chrome Wi-Fi Social Media Server Office 365 Mobile Device Management Telephone Systems Windows 10 Update BDR Quick Tips Password Money Google Drive Social Facebook Cost Management Employer-Employee Relationship Application App Health Government Information Technology Vulnerability Upgrade Unsupported Software Best Practice Risk Management Save Money Marketing Managed IT Services Two-factor Authentication Sports Work/Life Balance Managed IT Networking Current Events Automation Office tips Proactive IT USB Spam Artificial Intelligence Antivirus Alert Managed Service Provider Computers Blockchain Information Shortcut Identity Theft Hacking Patch Management Streaming Media Bandwidth Politics Data Management User Error Outlook End of Support Battery Training Television Remote Computing Touchscreen Audit Private Cloud Save Time Excel Company Culture Recovery Storage iPhone Managing Stress HaaS Devices SaaS Commerce BYOD Remote Monitoring and Management Gmail Automobile Computer Care Tech Support Cortana Meetings Access Control Personal Information Going Green Apple Medical IT Transportation Mobile Security Internet Exlporer Legal Wireless Technology Wireless Charging Search The Internet of Things Google Docs Analytics eWaste WiFi Office Hosted Solution Fraud Mobile Computing DDoS Managed Service Business Intelligence Data Storage Flexibility Connectivity Samsung OneNote Cleaning Data Protection Encryption VPN Word Router Compliance Social Engineering Applications Maintenance Telephony Humor History Windows 10s Evernote Downloads File Sharing Language Books Data Theft Virtual Assistant IT Management Instant Messaging Error Employer Employee Relationship Root Cause Analysis Windows Ink Ciminal Experience Fax Server Managed IT Service How To Hard Drive Benefits Access Licensing Device Security Text Messaging RAM Certification Uninterrupted Power Supply Operating Sysytem Cast Sales Plug-In Solid State Drive Budget Point of Sale Trends Troubleshooting Settings Teamwork Computing IT Solutions FAQ Internet Explorer Microsoft Office 365 Computer Accessories Augmented Reality Google Maps Project Management Phone System Cables Electronic Medical Records Chromebook Reporting Smart Technology Computer Fan Travel Microsoft Teams Security Cameras Avoiding Downtime Retail App store Hacker Hard Disk Drive Chromecast Sync Workers Advertising Wearable Technology A.I. Profitability Video Games Files Charger Threat Data Loss IT budget Music Virus Voice over Internet Protocol Safety Emails Conferencing Reputation Printing WannaCry Tablets Spyware G Suite Wearables Unified Threat Management Analysis Keyboard Updates Movies Eliminating Downtime Laptop Legislation WIndows Server 2008 Virtual Reality PowerPoint Authentication Vendor Management Proactive Webinar HBO Gifts Black Market Google Assistant GDPR Robot NFL Entertainment Bring Your Own Device Upgrades Identity Adobe Microsoft Word Running Cable Wireless Internet Touchpad Healthcare Comparison IT solutions Trending Data Breach Education Authorization Data storage Microsoft Excel Identities Big Data SharePoint Websites Amazon Credit Cards Value Dark Web Scam Nanotechnology Lithium-ion battery Edge Bluetooth Distributed Denial of Service Hybrid Cloud Consultant Data Privacy Hiring/Firing iOS Administrator PDF Worker Commute Unified Communications Help Desk Screen Mirroring Specifications Scalability Worker Printers Relocation Twitter Regulation Cache Remote Monitoring CrashOverride Emergency Monitors Disaster

Sign up for our Newsletter!

  • Company Name *
  • First Name *
  • Last Name *

      Latest News

      Eclipse Integrated Systems launches new website!

      Eclipse Integrated Systems is proud to announce the launch of our new website at www.eisystems.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for prospective clients.

      Read more ...

      Account login