deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-15 18:33:43 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

acrolinx updates

Browse Source
This commit is contained in:
Beth Levin
2020-08-28 14:24:43 -07:00
parent dfb6bea4e7
commit 31d79a6f9c
6 changed files with 125 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
windows/security/threat-protection/intelligence/exploits-malware.md
View File

@ -1,7 +1,7 @@
---
title: Exploits and exploit kits
ms.reviewer:
description: Learn about how exploits use vulnerabilities in common software to give an attackers access to your computer and to install other malware.
description: Learn about how exploits use vulnerabilities in common software to give attackers access to your computer and install other malware.
keywords: security, malware, exploits, exploit kits, prevention, vulnerabilities, Microsoft, Exploit malware family, exploits, java, flash, adobe, update software, prevent exploits, exploit pack, vulnerability, 0-day, holes, weaknesses, attack, Flash, Adobe, out-of-date software, out of date software, update, update software, reinfection, Java cache, reinfected, won't remove, won't clean, still detects, full scan, MSE, Defender, WDSI, MMPC, Microsoft Malware Protection Center
ms.prod: w10
ms.mktglfcycl: secure
@ -21,17 +21,17 @@ Exploits take advantage of vulnerabilities in software. A vulnerability is like
## How exploits and exploit kits work
Exploits are often the first part of a larger attack. Hackers scan for outdated systems that contain critical vulnerabilities, which they then exploit by deploying targeted malware. Exploits often include what's called "shellcode". This is a small malware payload that's used to download additional malware from attacker-controlled networks. This allows hackers to infect devices and infiltrate organizations.
Exploits are often the first part of a larger attack. Hackers scan for outdated systems that contain critical vulnerabilities, which they then exploit by deploying targeted malware. Exploits often include shellcode, which is a small malware payload used to download additional malware from attacker-controlled networks. Shellcode allows hackers to infect devices and infiltrate organizations.
Exploit kits are more comprehensive tools that contain a collection of exploits. These kits scan devices for different kinds of software vulnerabilities and, if any are detected, deploys additional malware to further infect a device. Kits can use exploits targeting a variety of software, including Adobe Flash Player, Adobe Reader, Internet Explorer, Oracle Java and Sun Java.
Exploit kits are more comprehensive tools that contain a collection of exploits. These kits scan devices for different kinds of software vulnerabilities and, if any are detected, deploy additional malware to further infect a device. Kits can use exploits targeting a variety of software, including Adobe Flash Player, Adobe Reader, Internet Explorer, Oracle Java, and Sun Java.
The most common method used by attackers to distribute exploits and exploit kits is through webpages, but exploits can also arrive in emails. Some websites unknowingly and unwillingly host malicious code and exploits in their ads.
The infographic below shows how an exploit kit might attempt to exploit a device when a compromised webpage is visited.
The infographic below shows how an exploit kit might attempt to exploit a device after you visit a compromised webpage.
![example of how exploit kits work](./images/ExploitKit.png)
![example of how exploit kits work.](./images/ExploitKit.png)
*Figure 1. Example of how exploit kits work*
*Figure 1. Example of how to exploit kits work*
Several notable threats, including Wannacry, exploit the Server Message Block (SMB) vulnerability CVE-2017-0144 to launch malware.
@ -56,6 +56,6 @@ You can read more on the [CVE website](https://cve.mitre.org/).
## How to protect against exploits
The best prevention for exploits is to keep your organization's [software up to date](https://portal.msrc.microsoft.com/). Software vendors provide updates for many known vulnerabilities and making sure these updates are applied to all devices is an important step to prevent malware.
The best prevention for exploits is to keep your organization's [software up to date](https://portal.msrc.microsoft.com/). Software vendors provide updates for many known vulnerabilities, so make sure these updates are applied to all devices.
For more general tips, see [prevent malware infection](prevent-malware-infection.md).