Chat with us, powered by LiveChat Even the Built-In Calculator in Windows Could Allow Threats In - Krove Corporation Blog | Pompano Beach, FL | Krove IT

Krove Corporation Blog

Krove Corporation has been serving the Florida area since 2008, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Even the Built-In Calculator in Windows Could Allow Threats In

Even the Built-In Calculator in Windows Could Allow Threats In

You might be surprised by some of the security breaches and vulnerabilities out there, including some for apps that you would never suspect, like Windows’ Calculator application. Hackers are always looking for new ways to infect endpoints, and nothing exemplifies this better than this particular threat, one which utilizes the Windows 7 calculator app to launch attacks against Microsoft operating systems.

How Does This Threat Work?

According to security researcher ProxyLife on Twitter, there are several strains of malware utilizing an old version of the Calculator application loaded on Microsoft’s Windows operating systems. This particular version of the Calculator app was used on Windows 7, and this threat works by tricking a user into downloading an ISO disc image disguised as a PDF or other file. The ISO uses a shortcut to open the included Calculator application.

One of the features of the Windows 7 Calculator app is the use of Dynamic Link Libraries, or .dll files, rather than defaulting to Windows’ system default libraries. This is a feature that hasn’t been used in the Calculator app since Windows 7, hence the need to run the older version of the software. The Calculator app runs these libraries to infect the system with malware, and since the Calculator appears to be a legitimate application used by Windows, the system doesn’t think twice about it, allowing it to circumvent Windows’ built-in security benchmarks.

How Much Should You Worry About It?

Ultimately, we think it’s reasonable to look at this threat as an obscure one that simply shows off the ingenuity of hackers and how they are using tools in different ways. It’s not clear whether or not Microsoft has issued an update to Defender to stop these attacks, but all you need to know is that you likely won’t encounter this type of threat, so long as you are treating potential threat vectors with the scrutiny they deserve, i.e. not downloading random files that are suspicious at best.

Even if it is unlikely you will encounter these threats, it’s a bit unnerving that trusted and known applications can create these types of issues for your IT department. One way to make sure you don’t let threats fly under the radar, even for those that aren’t deemed threats by your operating system, is to proactively monitor your infrastructure for anything that is out of the ordinary. You can then take steps to contain, isolate, and eliminate them.

Let Us Help You Monitor Your Network

If you would rather not worry about keeping tabs on your network, Krove Corporation is happy to assist with this incredibly important part of running a business. We can implement comprehensive data security measures that minimize the opportunity for hackers to infiltrate your network. To learn more, contact us today at (954) 741-2972.

Identifying the Benefits of Solid State Drives
Staying On Top of Your Technology Can Make Your Or...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, 21 November 2024

Captcha Image