Geraldine Strawbridge

Geraldine Strawbridge is a graduate from the University of Glasgow. As the Editor of Cyber Radio, Geraldine is focused on delivering the latest cyber security news whilst making cyber security more relatable to people in their everyday lives.

A zero-day flaw in Microsoft’s Internet Explorer has been exploited by cyber criminals to carry out targeted attacks.

The flaw which was first identified by the Kapersky Lab in April, has been named CVE-2018-8174 and has been used to target victims via malicious Word documents.

This is the first known case of such a technique being used by the hackers and users are infected via a malicious RTF Microsoft Office document. As soon as the user opens the document, a HTML page with malicious code, is downloaded onto their system.

The attack bypasses the User Account Control and injects a code into the memory which gives the hackers the same user rights as the current user. This enables them to install programs, view, change, or delete data, or create new accounts, giving them complete control of the victim’s computer without their knowledge.

Microsoft warned users: “In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of websites that accept or host user-provided content or advertisements.”

Microsoft has been quick to react to the flaw and a patch was made available on the 9th May. Users are advised to patch up the flaw as quickly as possible to prevent their computer from being compromised.

There has been a steep increase in the number of malicious document attacks as hackers take advantage of the company’s product vulnerabilities to launch their exploit kits and targeted phishing attacks. Microsoft has already identified and patched up 67 vulnerabilities in their monthly security update, highlighting the ongoing risks faced by users.

Despite this increase in hacker activity, there are a number of steps we can take to protect ourselves from these types of attack:

• Never open a document from an unknown source

• Use a secure browser

• Ensure your system is backed up on a regular basis

• Use a VPN to encrypt all data

• Use ad blockers

• Remove any affected software

For further information on how MetaCompliance can help protect you online, click here