Contact Us Today! 1-844-237-4300
2 minutes reading time (445 words)

WARNING: A New Zero-Day Threat is On the Loose

WARNING: A New Zero-Day Threat is On the Loose

Zero-day threats are some of the most dangerous ones out there. What we mean by “zero day” threats are those that have been discovered by hackers before an official patch has been released by the developers, giving them exactly zero days before they are actively exploited in the wild. One of the more dangerous zero-day threats out there at the moment is one that takes advantage of Internet Explorer.

Before we start making Internet Explorer jokes, we want to mention that there is nothing funny about online threats--particularly those that haven’t been addressed yet by the developers. This newly discovered zero-day threat is called the “Double Kill” Internet Explorer vulnerability. Unfortunately, the Chinese developers who discovered this vulnerability--a computer security company called Qihoo--have been quiet about the details regarding the double-kill IE bug. It’s also difficult to tell if your organization is under threat, as they aren’t revealing any of the warning signs of such an attack.

The only thing known for sure about this threat is that it takes root by using Word documents. It’s likely that this is done through email attachments as well, as email is a major method of transporting threats of all kinds. When the document is opened up, Internet Explorer is opened in the background via some kind of shellcode that downloads an executable file. The vulnerability does all this without showing anything of note to the user, making it a difficult threat to identify, but the effects are well-known. Apparently, the downloaded executable file installs a Trojan horse malware on the user’s device which creates a backdoor into the system.

There are a lot more unknowns than anything else with this vulnerability, though. In particular, professionals aren’t sure if all Word documents are affected by this vulnerability, or if the threat even needs Microsoft Office in order to function as intended. It’s not even known what role Internet Explorer plays in the attack, or if the documents that can trigger this attack are identifiable. All we can tell you is that you need to keep security best practices in mind to keep these kinds of zero-day threats from becoming a problem for your organization.

To start, you should never download an unexpected file from an unexpected sender. This can come in the form of a resume, receipt, or other online document. You can never know for sure what you’re actually downloading, as criminals have been able to spoof email addresses to a dangerous degree in recent years. Just be cautious about everything you can, and augment caution with powerful security tools that can identify potential risks before they become major problems.

To get started with network security, reach out to Central Technology Solutions at 1-844-237-4300.

Medical IT: How Is HITECH Doing?
Password Protection Policies Keep Businesses Safe

Related Posts



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Sunday, June 24 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Join our mailing list!

  • Company Name *
  • First Name *
  • Last Name *

      Mobile? Grab this Article!

      QR-Code dieser Seite

      Tag Cloud

      Security Tip of the Week Cloud Best Practices Technology Business Computing Email Malware Productivity Privacy Hosted Solutions Hackers IT Services Managed IT Services IT Support Network Security Outsourced IT Internet Mobile Devices Software Ransomware Backup Microsoft Data Backup Data Smartphone Business Small Business Data Recovery Managed Service Provider Internet of Things Business Continuity Innovation Computer Hardware Android Google Cloud Computing Data Management Windows 10 Tech Term Managed IT Disaster Recovery Social Media Remote Monitoring Windows Smartphones Paperless Office Browser Encryption User Tips Communication Artificial Intelligence BYOD App Facebook Efficiency Risk Management Cybersecurity Phishing Gmail Upgrade Recovery Applications Business Management Mobile Device Management Saving Money Save Money Firewall Mobile Device VoIP Robot Data storage Telephone Systems Content Filtering Bring Your Own Device SaaS Going Green Vendor Management Productivity Office 365 Big Data Password Virtualization Chrome Holiday Tip of the week Government Document Management Unified Threat Management Hosted Solution Infrastructure Compliance Apps Server Money BDR Computing Passwords Training Regulations Workplace Tips IT Service Computers Wireless Network Windows 10 IT Management Automation Unified Communications Analytics Remote Computing Project Management Antivirus Bandwidth Wi-Fi Work/Life Balance Apple Employer-Employee Relationship Website Virtual Reality Miscellaneous Data Security Data loss Vulnerability Assessment Business Technology HIPAA End of Support Server Management Health Mobility Mobile Security Budget Office Sports File Sharing Information Technology Uninterrupted Power Supply Monitors IT Support Microsoft Office Alert communications Tablet Printing Outlook Storage Mouse Files Word Managed IT Services How To Redundancy Samsung Google Drive Spam Settings Tech Support Flexibility Scam YouTube The Internet of Things Business Growth WiFi Router Collaboration Avoiding Downtime Help Desk Two-factor Authentication Politics VPN Smart Technology Digital Payment Mobile Computing Customer Service Websites Identity Theft Social Hacker Patch Management Administration Customer Relationship Management Upgrades LiFi Licensing Education Virtual Private Network Twitter Wireless Technology Legal Network Management Internet Exlporer IT solutions Cryptocurrency 3D Printing Blockchain Cookies Mobile Device Managment Software Tips IoT Disaster Display Trending Google Calendar How To Mail Merge Processors Managed IT Service San Diego Automobile Computer Care Technology Laws Access Control Cooperation Gadget Mobile Specifications Machine Learning Hacks Office Tips Touchscreen Techology Typing Cache VoIP Sponsor GPS Bitcoin Consultation Unsupported Software Lenovo Virus Permissions Nanotechnology Best Practice Star Wars Update Marketing Legislation IT Technicians Company Culture Address Buisness Break Fix Social Networking Statistics Electronic Medical Records Gadgets SharePoint Staff Operating System Black Friday Roanoke — Central Technology Solutions Supercomputer Disaster Resistance Unified Threat Management Hotspot Crowdsourcing Recycling Digital Social Engineering Obstacle USB Mirgation Tracking Windows 8 Save Time Mobile Data Superfish Fraud Screen Reader History Utility Computing Search Managing Stress Dark Web Motherboard Google Maps Bluetooth Users Downloads Augmented Reality Taxes Identities Cyber Monday technology services provider Private Cloud IT Budget Dark Data Personal Information Proactive IT User Error Language eWaste Spyware Safety Course Software as a Service Migration Quick Tips Smart Tech Cabling Google Wallet Healthcare Shortcut Chromebook Enterprise Content Management Firefox Notifications Downtime Data Warehousing Operations Hard Drives Google Docs Black Market Technology Assurance Group ’s 18 Humor Heating/Cooling IT Consulting Maintenance Computing Infrastructure Management Technology Tips Chatbots Backups Time Management Networking Net Neutrality Drones Cost Management WannaCry Writing Emoji Microsoft Excel Modem Sync Deep Learning Connectivity Network Congestion Hacking Multi-Factor Security Wearable Technology Telephony Solid State Drive Distributed Denial of Service Annual Convention Public Cloud Current Events Servers Computer Repair Data Breach Virtual Desktop Printer Alerts Law Enforcement Enterprise Resource Planning Comparison Identity Botnet Physical Security Travel Alt Codes Hard Drive Retail Cortana Cameras Motion Sickness Administrator CCTV Relocation Meetings G Suite Webcam Hard Disk Drive IT Consultant Error Point of Sale Cybercrime Emergency CrashOverride Web Server