Skip to main content

Patch your Windows 10 PC, now! Hackers are exploiting a zero-day flaw

Patch your Windows 10 device quick, as hackers are currently taking advantage of a zero-day “Double Kill” flaw in Internet Explorer to infect PCs across the globe. The fix is part of Microsoft’s latest Patch Tuesday update for Windows 10, addressing the vulnerability discovered by the Qihoo 360 Core Security team in late April. The flaw is officially labeled as CVE-2018-8174, ignoring the 360 Core Security team’s “Double Kill” codename. 

According to the team, hackers can embed a malicious website inside an Office document. Once opened, the embedded site deploys malicious code and its payload from a remote web-based server. The attack also bypasses the User Account Control component in Windows 10, acquiring administrator-level privileges. The attack is executed within the system memory as well, thus you’ll find no evidence of foul play on the device’s local storage. 

Recommended Videos

Microsoft says the problem resides in the VBScript engine. That’s short for Visual Basic Scripting, Microsoft’s programming language included in Internet Explorer for creating system management tools. The vulnerability resides in the way this engine handles objects in memory, allowing hackers to inject code into memory and gain the same user rights as the current user. 

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked ‘safe for initialization’ in an application or Microsoft Office document that hosts the IE rendering engine,” Microsoft says. 

But that’s not all. Hackers could also take advantage of websites that “accept or host user-provided content or advertisements” by injecting specifically crafted content. The good news here is that the only attack vector discovered thus far is by injecting an Office document with a malicious website. Despite that limitation, a successful attack provides hackers with complete control of the victim’s PC without their knowledge. 

While many Windows 10 device owners may scratch their heads wondering why this Internet Explorer flaw is relevant, the browser still remains as a Windows component for legacy support. Many websites, applications, and corporations still rely on elements that are only compatible with Internet Explorer and have not moved on to the newer technology offered in Microsoft Edge.  

The 360 Security Center team said this is the first advanced persistent threat (APT) campaign to use an Office document carrying this specific Internet Explorer exploit payload. Using Office documents, however, is nothing new. 

“In recent years, we have discovered a rising trend that Office documents have taken the center stage of APT attacks,” the security team said. “Opening any malicious documents with “double kill” allows attackers to control victims’ computers without their knowledge, making ransomware infection, eavesdropping, and data leakage convenient and stealthy.” 

As always, never open a document from an unknown source. Also keep your Windows 10 PC up to date on a security level given Microsoft’s operating system is a highly popular target. Keep your firewall locked and loaded and your anti-virus solution updated as well. You can remove Internet Explorer by following these instructions. 

Kevin Parrish
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Looking for an OLED laptop? Get the Samsung Galaxy Book4 Ultra at $400 off
The screen of the Galaxy Book4 Ultra.

While Samsung Galaxy deals are often linked to smartphones and tablets, you can also score huge discounts on other types of devices. For example, you can currently buy the Samsung Galaxy Book4 Ultra at $400 off from Samsung itself, which brings its price down from $2,400 to $2,000. This premium laptop isn't going to stay on sale for long though, so if you're interested in this bargain, you need to push forward with your purchase as soon as you can to make sure you pocket the savings.

Why you should buy the Samsung Galaxy Book4 Ultra laptop

Read more
This iBuyPower gaming PC with 16GB of RAM is on sale for $830
The iBuyPower Element SE gaming PC on a white background.

For gaming PC deals that will give you excellent value, you should check out iBuyPower offers. Here's one from Best Buy: the iBuyPower Element SE gaming desktop at $100 off, which pulls its price down from $930 to $830. Gamers who are looking for a gaming PC for less than $1,000 won't want to miss this bargain, but you're going to have to hurry if you're interested because there's no assurance that the discount will still be online by tomorrow.

Why you should buy the iBuyPower Element SE gaming PC

Read more
The Dell XPS 13 and XPS 14 are both on sale at $300 off — hurry!
Angled front view of the Dell XPS 13 with Snapdragon X Elite processor inside.

Are you in the market for a new laptop? You simply can't go wrong with any of the Dell XPS deals that are available, and we've identified two of the best ones you can shop right now. The Dell XPS 13 9350, originally sold for $1,400, is down to $1,100 for savings of $300, while the Dell XPS 14 9440, which has a sticker price of $1,560, is on sale for $1,260, also following a $300 discount.

Following the Dell XPS reset early last year, the Dell XPS 13 and the Dell XPS 14 have further blossomed in popularity. That means you'll have to act fast if you're interested in either of these laptop deals though, as the stocks up for sale may run out at any moment.

Read more