Microsoft has released a new patch to address the zero-day exploit on Internet Explorer 11 for Windows 8.1 and Windows 7 which allows hackers to steal critical information through an XSS exploit.
The latest risk allows attackers to send an update or security message through IE11 using malicious code. Once the hacker has gained access, the hacker can steal information from any sites previously viewed including cookie, usernames, passwords and IP addresses.
This can be a prominent tool for hackers since the attack works regardless if the website has a secure socket layers (SSL) encryption and Microsoft has been hit with a number of day-zero vulnerabilities over the several months.
Many IT security consultants have claimed that these hackers can be a major problem for unsecure services. Microsoft claims no user has been hit with this attack since a user needs to be sent to a malicious website first.
How do you protect your business?
Simple, you need to maintain your network in a proactive nature. Companies need to manage their network proactively including patch updates, driver updates as well as managing network components, monitor CPU, disk space, and memory usage, software & hardware updates.
A managed IT services provider (MSP) will handle your day-to-day IT management responsibilities however if you don’t have access to an internal IT support services professional, you have to proactively managed your network by installing patches and updates.