Elite Systems Blog

Elite Systems has been serving the Texas area since 2001, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

A Windows Vulnerability found in your Calculator? Here’s What You Should Know

A Windows Vulnerability found in your Calculator? Here’s What You Should Know

Sometimes security breaches and hacking attacks come from the most unlikely of sources, even going so far as to utilize trusted applications to infect an endpoint or network. This is the case with a new phishing attack which uses the Calculator application that comes built-in with Windows in a very creative way. This is just one example of how hackers have been forced to innovate to combat the increasingly secure systems which businesses and users rely on today, and it should be a testament as to why you can never be too careful.

What is the Threat?

A security researcher who goes by ProxyLife on Twitter has reportedly discovered that there are several strains of malware and phishing attacks utilizing an outdated version of Microsoft’s Calculator application to find their way onto your network and launch their attacks—specifically the Windows 7 version of Calculator. The way that it works is that a cybercriminal tricks the user into downloading an ISO disc image which is disguised as a PDF or other similar file. This ISO contains a shortcut to an opened version of the Calculator application.

The Windows 7 Calculator can use what are called Dynamic Link Libraries in the same folder rather than defaulting to Windows’ system default libraries. The Calculator then runs the library, which is infected with malware. Later versions of Calculator do not have this capability, hence why an older version is necessary. Since Windows thinks that Calculator is a legitimate application, opening it in this way doesn’t set off any red flags within the system.

Should You be Worried?

At the end of the day, this is largely an obscure threat that sees hackers using the tools at their disposal in creative and different ways. It is not yet known if Microsoft has issued an update to Defender to put a stop to these types of attacks, but the long and short of it is that you probably won’t encounter this specific threat, as long as you are using proper security practices while browsing the Internet or checking your email.

Still, the idea that threats can use trusted and known applications in this way can make things a bit of a hassle for your IT team. These types of attacks might bypass the defenses built into your operating systems, but they can be caught if you are proactively monitoring your infrastructure for abnormalities. These abnormalities can then be contained, isolated, and eliminated. Of course, the problem here is that you likely wouldn’t find this type of threat if you weren’t actively looking for it—which is where we come in.

Proactively Monitor Your Network with Our Services

We know that it can be a challenge to keep your network safe. That’s why we make it easy with our remote monitoring services. Combined with comprehensive security solutions like a firewall, antivirus, spam blocker, and content filter, you’ll find that your network has never been safer. To learn more about what we can do for your business, contact us today at (972) 290-2350.

Crucial Steps You Have to Take When Your Business ...
Managed IT Services Destroy Downtime
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image

Customer Login

News & Updates

Elite Systems is proud to announce the launch of our new website at https://www.elitesys.net. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...

Contact us

Learn more about what Elite Systems can do for your business.

Elite Systems
1200 North Main Street
Duncanville, Texas 75116