Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT
Tuesday, 09 December 2014 / Published in Woo on Tech

New IE zero-day surfaces

Microsoft zero-day warning

Lest you think Microsoft has finally plugged the many holes in the S.S. Internet Explorer, Patch Tuesday December includes four critical upates (Microsoft’s “critical” rating means they should be applied immediately) addressing newly discovered weaknesses, including an active zero-day exploit of the OLE (Object Linking & Embedding) platform. This particular chunk of code allows Microsoft apps like Office Word and Outlook to exchange documents between each other: when you insert an Excel spreadsheet into a Word document and it shows up as an editable spreadsheet, that’s OLE at work. In this case, the exploit allows hacked Office documents attached in Outlook emails to circumvent security, typically for the express purpose of installing other malware onto the victim’s machine.

What this means for you:

I can already see your eyes glazing over, and I don’t blame you. Microsoft’s bulletins are making me cross-eyed as well. Here’s what you need to do:

  1. Make sure your OS is patched. The updates should start arriving on computers as early as tonight. Unless your machine is being managed by an internal IT department and they’ve disabled this functionality, your Windows OS should be set to automatically download and patch all important updates from Microsoft. If you are not sure if your computer is set up this way, you can check by going to Control Panels -> Windows Update.
  2. If you must use Internet Explorer, avoid using it until you get fully updated with the latest round of patches (see #1). If it’s possible, consider using an alternative such as Firefox or Chrome. While neither is guaranteed free of security bugs, they are still faring better than IE in terms of exploits.

As always, avoid opening strange and/or unexpected attachments. If you regularly exchange documents with others via the internet, consider using a secure filesharing platform other than Dropbox or Drop or any of the numerous clones that offer free apps. Instead, look into options like Citrix Fileshare (we use it here at C2) for a much more secure and fully encrypted way to exchange documents.

  • Tweet
Tagged under: exploit, internet explorer, microsoft, patch tuesday, security, zero day

What you can read next

heartbleed.png
Widespread Encryption Weakness Discovered After 2 Years
Facebook Logo
Facebook Upsets the Internet…Again
A Hidden War is Being Fought Among the Internet of Things

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • ID-10067190.jpg

    Don’t expect Facebook to honor your privacy

    As someone who is beyond jaded by social media ...
  • Working from Home is great. Or is it?

    Social media is literally ablaze with heated di...
  • Should you flag a number as “spam”?

    It happens to all of us. You are elbow deep in ...
  • Honda Hacked

    Honda key fobs vulnerable to hack

    If you are a long-time reader of this blog, you...
  • Gmail security change creates unintentional headaches for businesses

    You may not realize it, but your organization i...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP