Zero-Day Threat Spreading Through Microsoft Word


Zero-day threats are all over the news when they are discovered, but what are they exactly? In short, zero-day threats are vulnerabilities found in software that are currently being exploited in the wild without the developers having found a fix for them. In other words, the developer has zero days to prepare for such an exploit. One of the latest vulnerabilities of this nature utilizes Internet Explorer, and thankfully, there is now a patch for it.

This threat, dubbed the Double Kill Internet Explorer vulnerability, was found by Chinese developers from a computer security company called Qihoo 360 Core Security. While they have been reluctant to provide any specifics about what this bug does, this doesn’t mean that you should let up on keeping a lookout for any warning signs. Granted, looking for these warning signs is considerably more difficult when you don’t know how to address or identify them, but it never hurts to err on the side of caution whenever possible.

This zero-day threat uses Word documents to spread. The malicious documents leverage a flaw in the Windows VBScript engine to install a backdoor on the victim’s device. Basically, when the Word document is opened, Internet Explorer will also open up in the background, triggering the download of an executable file. This file installs the Trojan horse malware without giving the user any reason to suspect that it exists. The hacker can then access the device at their leisure.

Knowing what the threat is makes it easier to combat, but we still don’t necessarily know much about it for sure. For example, it’s not clear if all Word documents are affected, or if the threat uses Microsoft Office itself to infiltrate. It’s not even clear what role Internet Explorer has in the attack, or if the documents can be identified before the attack has taken place. Either way, it’s difficult at best to identify zero-day threats, so it’s critical that you keep security best practices in mind to prevent them from becoming major issues.

To get started on improving your security, you need to understand the basics. For starters, you should never download a file from an unknown source. If you get suspicious emails that claim to be resumes, receipts, or other documents, always treat them with caution. It’s not always clear whether or not you’ll encounter dangerous entities while conducting business, but you can never be too careful or cautious. Enterprise-level security solutions provide an extra layer of security.

If your organization needs security solutions, Succurri can help. To learn more, reach out to us at (480) 795-2181.

Sarah W.

Phoenix Consultant
