Kaspersky has recently tracked and discovered a vulnerability within Microsoft’s MSHTML browser engine. This vulnerability is being exploited all over the world, so what can you do to avoid it, and can it affect your business?
What is MSHTML?
Within the server unit and personal computer version of windows, MSHTML is the browser engine. If your device is running Windows, chances are this vulnerability can be found. Though, some of the industries impacted by this the most are those in energy, banking, research, medical technology or telecommunications.
How Does the Exploit Work?
All this vulnerability needs is for one person to receive an infected Office file. Once this file is downloaded, a code will run and execute the payload, in turn, infecting the targeted machine. Then, they can use ActiveX to perform more attacks on the system, according to Kaspersky. These attacks might include downloading backdoors and gaining administrative privileges.
What Can Be Done About It?
MSHTML has been patched by Microsoft but you have to download the patch for it to protect you. Never download suspicious or unknown files in the first place, but especially right now when you could be being specifically targeted. MyTek can make sure you’ve downloaded the patch so your systems are secure, so give us a call today at 623-312-2444.