Do you still subconsciously drag your mouse to IE logo over the taskbar when you need to surf the net? If the answer is ‘yes’ you are probably still back at the beginning of the 2000s. So, maybe with this news, you find the nudge to put an end to this habit.
As researchers claim, an anonymous hacker group is exploiting a zero-day exploit in IE to infect your windows based PC with malware for their own purposes. So, in this age, when you prefer doing your payments and other purchases online rather than walking to banks or retail stores, this risk shouldn’t be something you may underestimate. According to ZDNet, the vulnerability of internet explorer is being used by an APT (advanced persistent thread) group as stated by Qihoo 360’s core security team.
The name of the malware is ‘double-kill’ embedded in Office document, which infects your PC exploiting the IE vulnerability after downloading this infected doc. file.
To get infected by that malware, you need to be using IE when you choose to open this office file online. Right following your click, the exploit uses internet explorer’s vulnerability to leak in your PC and reach your window’s UAC (user account control).
As soon as you open the file, a pop-up force you to open the infected office file, no matter you click on ‘yes’ or ‘x’ to close it. Researchers notify Microsoft on the issue to release at least a simple patch to fix the issue, however until that update, there is nothing a user do except using Microsoft Edge or as a much better option Google Chrome.