Yet another major vulnerability has been discovered, this time in Microsoft’s MSHTML browser engine. The vulnerability, discovered and tracked by Kaspersky, is currently being exploited all over the world. As such, it is critical that you know how to avoid vulnerabilities like this so that you do not inadvertently allow a hacker onto your network.
What is MSHTML?
For a little bit of background, MSHTML is the browser engine that is found in both the personal computer and server unit versions of Windows. As such, this vulnerability can be found in just about any device that runs most versions of the Windows OS. In particular, as with most forms of cyberthreats, the primary industries targeted include telecommunications, medical technology, industry, energy, banking, energy, and research and development.
How Does the Exploit Work?
The vulnerability itself is simple to exploit. All an attacker needs to do is send an infected Office file to someone. Once the infected file is downloaded, it will run code and execute the payload, infecting the target machine. Kaspersky claims that attackers then use ActiveX to go about even more malicious acts, such as downloading backdoors into the user’s system. It is thought that this threat is most dangerous when used against someone with administrative privileges, such as IT teams, rather than your average user.
What Can Be Done About It?
While MSHTML has since been patched by Microsoft, the issue is still relatively simple to avoid: don’t download the infected Microsoft Office document. Furthermore, you should never download attachments from sources you do not recognize, especially if they look the least bit suspicious.
You might notice that these are best practices that we routinely preach, which is a testament to how many threats you actually can avoid simply by following them.
This also highlights the importance of applying security patches and updates for your critical business technology. If you don’t, you put your business’ security at risk—something that you absolutely cannot risk.
Don’t let threats like these become problems for your business. Through working with SRS Networks, you can learn all about best practices and implement security solutions designed to maximize network security. To learn more, reach out to SRS Networks at (831) 758-3636.