Contact Us Today! 1-844-237-4300

Central Technology Solutions Blog

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Central Technology Solutions at 1-844-237-4300.

Medical IT: How Is HITECH Doing?
Password Protection Policies Keep Businesses Safe


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, September 18 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Best Practices Cloud Technology Business Computing Privacy Email Malware Hosted Solutions IT Services Hackers Productivity Managed IT Services Internet IT Support Network Security Software Outsourced IT Data Mobile Devices Ransomware Microsoft Business Data Backup Backup Computer Tech Term Innovation Internet of Things Hardware Smartphone Google Data Recovery Cloud Computing Small Business Managed Service Provider Business Continuity Data Management Windows 10 Android Managed IT User Tips Communication Social Media Remote Monitoring Disaster Recovery Artificial Intelligence Browser Efficiency Encryption BYOD VoIP Windows Smartphones Facebook Paperless Office Productivity IT Support Save Money Risk Management Cybersecurity Workplace Tips App Firewall Recovery Applications Saving Money Business Management Unified Threat Management Mobile Device Robot Gmail Phishing Upgrade Mobile Device Management Network Office 365 Chrome Virtualization Holiday Government Bandwidth Tip of the week Money Wi-Fi Document Management Hosted Solution Bring Your Own Device Data storage Website Going Green Apps Compliance Infrastructure Vendor Management Telephone Systems Passwords SaaS Server Content Filtering Password BDR Big Data Automation Apple Unified Communications Windows 10 IT Management Computing Antivirus Two-factor Authentication Project Management Router Collaboration Work/Life Balance Employer-Employee Relationship Virtual Reality Miscellaneous Wireless Data loss Vulnerability Managed Service Data Security Regulations Training IT Service Remote Computing Analytics Computers Storage File Sharing Tablet Mobile Computing How To Samsung Hacker Word Files Spam Social Flexibility WiFi Managed IT Services Redundancy Chromebook YouTube Wireless Technology Legal Avoiding Downtime Help Desk Healthcare Customer Service Tech Support Quick Tips Scam The Internet of Things Politics Administration Upgrades Education VPN Smart Technology Digital Payment LiFi Budget Patch Management Websites Identity Theft Twitter Information Technology IT solutions Customer Relationship Management Licensing Virtual Private Network Printing Internet Exlporer Mouse End of Support Health Network Management Outlook IoT Information HIPAA Sports Assessment Business Technology Office Blockchain Server Management How To Google Drive Monitors Mobile Security Settings Mobility communications Microsoft Office Alert Business Growth Uninterrupted Power Supply Statistics Mobile Data SharePoint Staff Company Culture Hard Drives Google Docs Address Break Fix Social Networking Asset Tracking Unified Threat Management Hotspot Crowdsourcing Users Recycling Digital Obstacle Black Friday Roanoke — Central Technology Solutions Supercomputer MSP Humor Disaster Resistance G Suite History Utility Computing Consulting Drones Search Dark Data Personal Information Mirgation Tracking Development Backups Superfish Safety Fraud Screen Reader OneNote Deep Learning Bluetooth Downloads Augmented Reality Taxes Managing Stress Solid State Drive Dark Web Motherboard Google Maps Notifications User Error Language eWaste Spyware Course Cyber Monday technology services provider Private Cloud IT Budget Downtime Proactive Current Events Proactive IT Smart Tech Cabling Managed Services Provider Alt Codes Shortcut Software as a Service Migration Cables Black Market Employee-Employer Relationship Operations Enterprise Content Management Cryptocurrency Firefox Writing Emoji Data Warehousing Maintenance Computing Infrastructure Point of Sale Management Network Congestion Technology Assurance Group ’s 18 Remote Monitoring and Management Heating/Cooling IT Consulting Net Neutrality Virtual Desktop Cost Management E-Commerce Typing WannaCry Computer Repair Technology Tips Chatbots Wires Hacks Time Management Networking Connectivity Remote Workers Best Practice Hacking Physical Security Multi-Factor Security Wearable Technology Telephony Vulnerabilities Bitcoin Retail Cortana Microsoft Excel Modem Sync Data Breach 3D Printing Printer Alerts Law Enforcement Enterprise Resource Planning Operating System Display Distributed Denial of Service Annual Convention Public Cloud WPA3 Servers Travel Hard Drive Features Comparison Identity Botnet Processors Disaster Trending Office Tips Google Calendar Geography Windows 8 Save Time Cookies Mobile Device Managment Software Tips Technology Laws Unsupported Software Virus Access Control Cooperation Gadget Marketing Mobile Identities Mail Merge Update Managed IT Service San Diego Automobile Computer Care Fleet Tracking Gadgets Cache Electronic Health Records VoIP Sponsor Electronic Medical Records Specifications Machine Learning Buisness Touchscreen Techology Star Wars Monitoring Google Wallet Legislation IT Technicians GPS High-Speed Internet Consultation Lenovo Social Engineering USB Permissions Nanotechnology CCTV Administrator Meetings Cyberattacks Relocation Webcam Read Only Hard Disk Drive IT Consultant Printers Error Cybercrime Emergency Web Server CrashOverride Cameras Motion Sickness Regulation