- Late last week a new Microsoft Office vulnerability was discovered by McAfee; they discovered attacks exploiting this vulnerability back to late January 2017.
- This should raise substantial concern for anyone responsible for cyber security at their company or federal agency.
- Since January, every Windows-based MS Office machine was exposed to the worst type of malware: zero-day.
- UPDATE! We captured one of the exploits. Read more here.
Late last week a new Microsoft Office vulnerability was discovered by McAfee. In a blog article posted April 7th 2017, McAfee provided a “heads up” to the computing world about recently discovered zero-day. They state that they discovered attacks exploiting this vulnerability back to late January 2017.
These types of announcements should raise substantial concern for anyone responsible for cyber security at their company or Federal Agency. These types of zero-day vulnerability expose the biggest problem in the anti-malware community today. Operating in a world of known malware is a losing game. This recently discovered zero-day vulnerability should make everyone question: how many more are out there?
Learn more about Bromium: Virtualized Security Overview
The Imperfection of Cyber Security
The problem is that software is written by humans and will never be perfect. Savvy hackers are always looking for the smallest of vulnerabilities so they can exploit them until they are discovered.
This means that companies and federal agencies are at the mercy of every detection-based company to be out there looking for these exploits. Once discovered, they can be remediated and all is well, right? No, because another unknown vulnerability is being exploited as you read this article. Maybe an unknown MS Office vulnerability is being exploited in your environment, or worse, your PC right now.
On Patch Tuesday, Microsoft Will Have a Fix
Microsoft announced that they will have a fix available for their next patch Tuesday (April 11th) that will remediate the vulnerability.
But how can anyone get ahead of this? There is only one real type of solution that ensure zero-day exploits never impact your company and your users. This type of solution is hardware-based isolation. In fact, the industry has started calling this Application Isolation.
With Application Isolation, each task the user performs, that is a potential ingress point for malware, from browsing the Internet to using untrusted MS Office documents, is hardware-isolated using virtualization. Virtualization has solved many challenges in the IT space for decades. Today, virtualization is solving cyber challenges for all types of malware – known to unknown.
Application Isolation is at the heart of the Bromium solution. Using the Bromium Secure Platform, each new tab opened in a browser or untrusted documents are opened in a hardware-isolated virtual machine. This micro-VM is created protect the user and it’s easily destroyed as soon as the user has completed the task. This means that Bromium doesn’t need to care about known or unknown malware. All browsing tabs or documents that are untrusted are treated as if they may contain malware. The experience is seamless to the end user who remains protected regardless of what they do – essentially they can click with confidence.
So, instead of always relying on AV vendors to keep up with detection game, take a look at what a true security solution can do to stop this vulnerability from infecting your network. Don’t wait for Microsoft to provide a patch months after the malware has been infecting machines.