Blog

Even the Built-In Calculator in Windows Could Allow Threats In

Even the Built-In Calculator in Windows Could Allow Threats In

You might be surprised by some of the security breaches and vulnerabilities out there, including some for apps that you would never suspect, like Windows’ Calculator application. Hackers are always looking for new ways to infect endpoints, and nothing exemplifies this better than this particular threat, one which utilizes the Windows 7 calculator app to launch attacks against Microsoft operating systems.

How Does This Threat Work?

According to security researcher ProxyLife on Twitter, there are several strains of malware utilizing an old version of the Calculator application loaded on Microsoft’s Windows operating systems. This particular version of the Calculator app was used on Windows 7, and this threat works by tricking a user into downloading an ISO disc image disguised as a PDF or other file. The ISO uses a shortcut to open the included Calculator application.

One of the features of the Windows 7 Calculator app is the use of Dynamic Link Libraries, or .dll files, rather than defaulting to Windows’ system default libraries. This is a feature that hasn’t been used in the Calculator app since Windows 7, hence the need to run the older version of the software. The Calculator app runs these libraries to infect the system with malware, and since the Calculator appears to be a legitimate application used by Windows, the system doesn’t think twice about it, allowing it to circumvent Windows’ built-in security benchmarks.

How Much Should You Worry About It?

Ultimately, we think it’s reasonable to look at this threat as an obscure one that simply shows off the ingenuity of hackers and how they are using tools in different ways. It’s not clear whether or not Microsoft has issued an update to Defender to stop these attacks, but all you need to know is that you likely won’t encounter this type of threat, so long as you are treating potential threat vectors with the scrutiny they deserve, i.e. not downloading random files that are suspicious at best.

Even if it is unlikely you will encounter these threats, it’s a bit unnerving that trusted and known applications can create these types of issues for your IT department. One way to make sure you don’t let threats fly under the radar, even for those that aren’t deemed threats by your operating system, is to proactively monitor your infrastructure for anything that is out of the ordinary. You can then take steps to contain, isolate, and eliminate them.

Let Us Help You Monitor Your Network

If you would rather not worry about keeping tabs on your network, White Mountain IT Services is happy to assist with this incredibly important part of running a business. We can implement comprehensive data security measures that minimize the opportunity for hackers to infiltrate your network. To learn more, contact us today at 603-889-0800.

Related Posts

What kind of productivity suite does your business use for its day-to-day operations? It doesn’t really matter which industry you classify yourself as or what size your company is; a productivity suite will undoubtedly transform the way your organiza...
A vulnerability was recently discovered that is effectively guaranteed to impact all computer users, from private users to businesses. While this situation will take some time to resolve fully, we want to make sure you know everything that needs to b...
A vulnerability in Microsoft’s MSHTML browser engine has been discovered and tracked by Kaspersky. It is being exploited all over the world right now. How can you avoid this vulnerability so that it doesn’t affect your business? Let’s find out....
It’s not unheard of for some threats to remain undiscovered for months or even years, as is the case with a particularly nasty one in the Microsoft Azure database system. This exploit, discovered by cloud security provider Wiz, is built into Cosmos D...
While it isn’t officially a business solution, per se, the collaboration platform known as Discord has seen some popularity as a means of facilitating a business’ internal communications. Let’s go over some handy tips to improve your use of the platf...
If you are one of the many small businesses out there that does not have reliable technical support for the myriad of devices on your network, it might be difficult to imagine a world where your technology gets the maintenance it needs to thrive. Tha...
Microsoft Word is one of the most utilized platforms in business today because it delivers the results that organizations need. Unfortunately for some of these businesses, their employees may not be as proficient with Word as they need to be. Today, ...
Businesses need to maximize productivity any way they can. Some look to software to make this happen. When searching for productivity software, it may seem like you are looking at the same thing over and over again. While we admit that many productiv...
Collaboration is something that no modern business can do without, which helps to explain why so many current applications feature it so heavily. Let’s focus on Google Drive and its multitude of collaborative capabilities that so many businesses are ...
While your attention is likely more dedicated to how you use your computer while it’s on, it is just as important to consider the different ways that you can turn your computer off, in a manner of speaking. The varied options present in the Start men...
If you asked your average person whether they are okay with their personal information being taken and used by businesses, you’d probably come across quite a bit of dissent. Ironically, it seems that people will give it right over via social media pr...
Within Google Workspace is Google Docs, a useful word processing solution that can be accessed through your web browser. In case you’re new to using Google’s productivity software, we have decided to assemble a short introduction to some of Google Do...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

White Mountain IT Services

 


33 Main St, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

 

Client Help Desk
603-889-2210

 

Open Positions