Blog

Windows Suffering from MSHTML Exploit

Windows Suffering from MSHTML Exploit

A vulnerability in Microsoft’s MSHTML browser engine has been discovered and tracked by Kaspersky. It is being exploited all over the world right now. How can you avoid this vulnerability so that it doesn’t affect your business? Let’s find out.

What is MSHTML?

MSHTML is the browser engine that is found within the personal computer and server unit versions of Windows. The vulnerability itself can be found in just about any device that runs most versions of the Windows operating system. Industries most impacted by this vulnerability include telecommunications, medical technology, industry, energy, banking, and research and development.

How Does the Exploit Work?

The vulnerability itself is easy to exploit, as all it needs is for someone to send an infected Office file to a user. Once the file is downloaded, it runs code and executes the payload, infecting the target machine. Kaspersky claims that attackers can then use ActiveX to perform even more attacks, like downloading backdoors onto the infected system. This is particularly devastating if the hacker can gain administrative privileges by attacking, say, the network or system administrator for your systems.

What Can Be Done About It?

MSHTML has been patched by Microsoft, but if you have yet to download the patch, you can simply not download the infected Microsoft Office document. Plus, you should never download a suspicious or unknown file in the first place. Now, applying patches and not downloading suspicious files might sound like best practices—and they are—so make sure that you are following them and not putting your company at unnecessary risk.

By working with White Mountain IT Services, you can ensure that patches get applied in a timely manner. Furthermore, you can get all of the security solutions and training needed to maximize network security. To learn more, reach out to us at 603-889-0800.

Related Posts

Let’s begin by making one thing abundantly clear—all businesses and industries could potentially be targeted by ransomware, regardless of their size or target audience. However, as of late, some industries have been targeted more and more. Let’s exam...
Let me ask you a few questions—first, how confident are you that you could spot an online ruse, and second, did you know there’s a stain on your shirt right now? Did you look? If so, you’ve just fallen for the school playground version of social engi...
Your business is your livelihood, so it only makes sense to invest in its protections so that your livelihood is secure. This will require a strategic approach. Let’s go over what your business needs to remain sufficiently secure, and what you should...
What kind of productivity suite does your business use for its day-to-day operations? It doesn’t really matter which industry you classify yourself as or what size your company is; a productivity suite will undoubtedly transform the way your organiza...
“Wait, I didn’t buy that!” That’s what many smartphone users have been saying lately, as a prevalent strain of malware has been infecting Android devices. The malware is called “toll fraud malware” and it’s been signing users up to services they don’...
Let’s get right to brass tacks. Your business is likely vulnerable to cybersecurity attacks. There are a whole lot of things you should be doing to protect your organization, but this one task is something you can do right now to save your business a...
Have you ever wondered how some platforms will only have you log in once for all of your various needs, even though they might be different applications, websites, or services? This is essentially what single sign-on is, and it’s quite common in the ...
Cloudflare has foiled the plans of yet another major hacking attack, a record-breaking DDoS attack of the likes we have never before seen. Let’s examine what goes into such an attack and what you can do to keep your business safe from their influence...
Considering what today’s cyberthreat environment looks like, more and more rigorous cybersecurity is strictly needed. One means that businesses have to accomplish this is a cybersecurity practice known as a zero-trust model. Let’s go over what zero-t...
Businesses today have to deal with more potential problems than in any time in history. They are dealing with cost increases at every turn, personnel shortages, and a regulatory landscape that is always evolving. One of the biggest issues that can ha...
Security is an incredibly important part of running a business, but it’s extremely easy for busy employees to fall short of the security expectations you might place on them. This is why it is so important to train your employees on the many facets o...
Due to the increasing complexity and rapid growth of the cybersecurity industry, businesses need to stay ahead of developing threats designed to undermine advancements in the latest and greatest security technologies. One way that researchers have us...

Onsite Service Coverage Area

Although we provide remote services and support to businesses in over 20 states, onsite services are limited to within reasonable driving distance from our offices in NH.  We will manage a local vendor for locations outside of our service area to provide onsite assistance when needed.

 

Onsite Computer Support Services are available to businesses within 60 miles of Nashua New Hampshire. We have excellent onsite coverage from Concord NH, south through Manchester NH, and then down into Boston. From Northern and Central Mass, we cover from Worcester, east to the North Shore, including the Salem and Portsmouth NH area.

White Mountain IT Services

 


33 Main St, Suite 302
Nashua, NH 03064

 


121 Riverfront Drive
Manchester, NH 03102

 

Client Help Desk
603-889-2210

 

Open Positions