Get Started Today!  (954) 834-2800

croom new

KB Technologies Managed IT Blog

New MSHTML Vulnerability Exploitable in Windows Operating Systems

New MSHTML Vulnerability Exploitable in Windows Operating Systems

Yet another major vulnerability has been discovered, this time in Microsoft’s MSHTML browser engine. The vulnerability, discovered and tracked by Kaspersky, is currently being exploited all over the world. As such, it is critical that you know how to avoid vulnerabilities like this so that you do not inadvertently allow a hacker onto your network.

What is MSHTML?

For a little bit of background, MSHTML is the browser engine that is found in both the personal computer and server unit versions of Windows. As such, this vulnerability can be found in just about any device that runs most versions of the Windows OS. In particular, as with most forms of cyberthreats, the primary industries targeted include telecommunications, medical technology, industry, energy, banking, energy, and research and development.

How Does the Exploit Work?

The vulnerability itself is simple to exploit. All an attacker needs to do is send an infected Office file to someone. Once the infected file is downloaded, it will run code and execute the payload, infecting the target machine. Kaspersky claims that attackers then use ActiveX to go about even more malicious acts, such as downloading backdoors into the user’s system. It is thought that this threat is most dangerous when used against someone with administrative privileges, such as IT teams, rather than your average user.

What Can Be Done About It?

While MSHTML has since been patched by Microsoft, the issue is still relatively simple to avoid: don’t download the infected Microsoft Office document. Furthermore, you should never download attachments from sources you do not recognize, especially if they look the least bit suspicious.

You might notice that these are best practices that we routinely preach, which is a testament to how many threats you actually can avoid simply by following them.

This also highlights the importance of applying security patches and updates for your critical business technology. If you don’t, you put your business’ security at risk—something that you absolutely cannot risk.

Don’t let threats like these become problems for your business. Through working with KB Technologies Managed IT, you can learn all about best practices and implement security solutions designed to maximize network security. To learn more, reach out to KB Technologies Managed IT at (954) 834-2800.

Tired Of Annoying Computer Problems That Keep Coming Back?

Use RICE Prioritization Framework to Your Organiza...
The Value of Managed IT Starts with Our Technician...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, January 16 2022

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.kb-it.com/

Latest Blog

It’s a known fact that businesses do not want to imagine what might happen under the absolute worst conditions, but it is something that comes with the territory of being a business owner. If you don’t plan for the worst, it could potentially place your company at risk. How ...

Latest News

KB Technologies Managed IT is proud to announce the launch of our new website at http://www.kb-it.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...