Contact us today!
(954) 575-3992
facebook linkedin Business Solutions & Software Group RSS Feed

Michael DeMarco

Business Solutions & Software Group has been serving the Coral Springs area since 2005, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

New MSHTML Vulnerability Exploitable in Windows Operating Systems

New MSHTML Vulnerability Exploitable in Windows Operating Systems

Yet another major vulnerability has been discovered, this time in Microsoft’s MSHTML browser engine. The vulnerability, discovered and tracked by Kaspersky, is currently being exploited all over the world. As such, it is critical that you know how to avoid vulnerabilities like this so that you do not inadvertently allow a hacker onto your network.

What is MSHTML?

For a little bit of background, MSHTML is the browser engine that is found in both the personal computer and server unit versions of Windows. As such, this vulnerability can be found in just about any device that runs most versions of the Windows OS. In particular, as with most forms of cyberthreats, the primary industries targeted include telecommunications, medical technology, industry, energy, banking, energy, and research and development.

How Does the Exploit Work?

The vulnerability itself is simple to exploit. All an attacker needs to do is send an infected Office file to someone. Once the infected file is downloaded, it will run code and execute the payload, infecting the target machine. Kaspersky claims that attackers then use ActiveX to go about even more malicious acts, such as downloading backdoors into the user’s system. It is thought that this threat is most dangerous when used against someone with administrative privileges, such as IT teams, rather than your average user.

What Can Be Done About It?

While MSHTML has since been patched by Microsoft, the issue is still relatively simple to avoid: don’t download the infected Microsoft Office document. Furthermore, you should never download attachments from sources you do not recognize, especially if they look the least bit suspicious.

You might notice that these are best practices that we routinely preach, which is a testament to how many threats you actually can avoid simply by following them.

This also highlights the importance of applying security patches and updates for your critical business technology. If you don’t, you put your business’ security at risk—something that you absolutely cannot risk.

Don’t let threats like these become problems for your business. Through working with Business Solutions & Software Group, you can learn all about best practices and implement security solutions designed to maximize network security. To learn more, reach out to Business Solutions & Software Group at (954) 575-3992.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 23 November 2024
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Latest News

Our Site Has Launched!

flag

Welcome to Our New Site!
We are proud to announce the unveiling of our new website at Business Solutions & Software Group!

Read more...

Contact Us

Learn more about what Business Solutions & Software Group can do for your business.

callphone

Call us today    (954) 575-3992

10211 W Sample Road
Suite 114
Coral Springs, Florida 33065

facebook linkedin #