Zero-Day Attack – What It Is, And How It Affects You

Zero-Day Attack – What It Is, And How It Affects You

Jul 15, 2014

The mention of a zero-day attack brings jitters to many people who use computers. The term may also be referred to as zero-day threat, zero-hour attack, or day-zero threat. Simply put, it is a threat or attack that takes advantage of computer application vulnerabilities that are yet to be discovered. It may also apply to vulnerabilities which have been discovered, but developers are yet to find a patch or fix for it. Due to having nil or zero days to address or correct the flaw, it is referred to as zero-day. Upon the creation of a fix or patch, it is no longer termed as a day-zero exploit. How Zero-Day Attack Is It Discovered Normally, malware or malicious software writers are among the first people that come across the vulnerability. Upon discovery, they will use it to exploit or manipulate computer applications. This is done through various vectors or avenues which include web browsers, emails, ads and more. By simply opening an application or attachment to an email, the attack will take effect. In order to take advantage of the situation, the malware is engineered. Nonetheless, computer programmers also have a hand in discovering the weaknesses of an application. By learning about an exposure they are able to develop a fix before the writers of malicious software make use of the window of opportunity. What Are The Concerns? The threat only takes place within a certain period known as window of opportunity. This is the period between when it is first noticed and when a fix or patch is released. The window of opportunity always varies. Some exploits are known to have existed for years before they were finally realized or fixed. A classic example is that of Microsoft’s Internet Explorer, which was discovered in 2008 yet the program had been released in 2001. The effects of the threat or virus include altering how an application is responding, interfering with network or internet security, stealing personal information, banking passwords, account information, credit details, and much more. Handling the Situation When a threat is revealed, developers will work round the clock to contain the situation. Usually, they will work on it without informing the general...

Internet Explorer Security Bug And Taking Necessary Precautions

Internet Explorer Security Bug And Taking Necessary Precautions

May 27, 2014

An Internet Explorer security bug by Microsoft has been identified and is being reported to all users of the browser. As it is taking the company time to implement the actual fix, they are giving their users alternative options to address these situations. The security exposure that they are referencing involves giving hackers an opportunity to take over the computer remotely from another location and the user may not recognize it until the damage has been done. Internet Explorer Security Bug Are there Specific Internet Explorer Versions Involved? Since most people are concerned about the specific versions that this bug infects, the response provided has been all of them, from Internet Explorer version 6 of Internet Explore Version 11. However, based on information from FireEye, the hackers are currently targeting the users of Internet Explorer 9 and higher versions. Because the same bug has been used to hack into various U.S. financial firms over the weekend, they are warning all affected users to protect themselves. What to do to Minimize Internet Explorer Security Bug Risks As this news is being released, Microsoft is addressing the issues with their users in order to minimize the risks. So, taking the necessary precautions is one of the first things that they are recommending until the browsers have been modified with the correction and released to the user as an out of cycle security update. Listed below are some things that can be done to make sure customers are not affected by the bug. Switch to another Browser or XP Users Should Upgrade to another Version of Microsoft National security agencies like the Computer Emergency Readiness Organizations from the U.S and the UK are recommending that Microsoft customers switch to Google Chrome or Mozilla Fox browsers until the fix has been made. By making these changes, users will no longer be at risk of hackers taking control of their computers. Additionally, because Microsoft is no longer supporting Window XP operating systems, they are not releasing a security patch to fix this problem. Consequently, they are recommending that users upgrade their operating system from XP to another version of Microsoft. Install Enhanced Mitigation Experience Took kit or Utilize Other...

banner