Beth Levin
2018-07-27 13:29:44 -07:00
parent aaccf58736
commit 870eaca4c4
4 changed files with 29 additions and 23 deletions


@ -14,7 +14,7 @@ ms.date: 07/01/2018
Exploits take advantage of “vulnerabilities” in software. A vulnerability is like a hole in your software that malware can use to get onto your PC. Malware exploits these vulnerabilities to bypass your computer's security safeguards to infect your device.
## How it works
## How exploits and exploit kits work
Exploits are often the first part of a larger attack. Hackers scan for outdated systems that contain critical vulnerabilities, which they then exploit by deploying targeted malware. Exploits often include what's called "shellcode". This is a small malware payload that's used to download additional malware from attacker-controlled networks. This allows hackers to infect devices and infiltrate organizations.
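Review bot: the renamed heading `## How exploits and exploit kits work` changes the anchor generated for this section, so any link that targets the old `How it works` anchor will stop resolving. Search the docs set for inbound links to the old anchor and update them in the same commit. The paragraph directly under the new heading covers only exploits and shellcode, so check that the section still reads in the order the heading now promises.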
@ -22,7 +22,7 @@ Exploit kits are more comprehensive tools that contain a collection of exploits.
The most common method used by attackers to distribute exploits and exploit kits is through webpages, but exploits can also arrive in emails. Some websites unknowingly and unwillingly host malicious code and exploits in their ads.
The infographic below shows how an exploit kit might attempt to exploit your PC when you visit a compromised webpage.
The infographic below shows how an exploit kit might attempt to exploit a PC when a compromised webpage is visited.
![example of how exploit kits work](./images/exploitkit.png)
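Review bot: the replacement sentence introducing the infographic ends in the passive "when a compromised webpage is visited", which drops who does the visiting. "when a user visits a compromised webpage" keeps the move away from "your PC" and stays active. The introduction at the top of the file still says "your PC" and "your device", so the page now mixes two forms of address.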
@ -35,12 +35,6 @@ Prevalent exploit kits include:
- [Neutrino](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=JS%2fNeutrino)
- [Nuclear](https://www.microsoft.com/wdsi/threats/malware-encyclopedia-description?Name=Exploit:JS/Neclu)
## How to protect against exploits
The best prevention for exploits is to keep your software up-to-date. Software vendors provide updates for many known vulnerabilities and making sure these updates are applied to your devices is an important step to prevent malware.
Enterprise admins typically manage updates for apps, devices, servers in large organizations.
## How we name exploits
We categorize exploits in our Malware encyclopedia by the "platform" they target. For example, Exploit:Java/CVE-2013-1489.A is an exploit that targets a vulnerability in Java.
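Review bot: the block removed under `## How to protect against exploits` includes the sentence "Enterprise admins typically manage updates for apps, devices, servers in large organizations.", and that sentence is not among the lines re-added at the end of the file. If the drop is intentional, fine; otherwise carry it over with the moved section, since the re-added text now addresses organizations directly.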
@ -49,3 +43,9 @@ A project called "Common Vulnerabilities and Exposures (CVE)" is used by many se
The portion "2016" refers to the year the vulnerability was discovered. The "0778" is a unique ID for this specific vulnerability.
You can read more on the [CVE website](https://cve.mitre.org/).
## How to protect against exploits
The best prevention for exploits is to keep your organization's software up-to-date. Software vendors provide updates for many known vulnerabilities and making sure these updates are applied to all devices is an important step to prevent malware.
For more general tips, see [prevent malware infection](prevent-malware-infection).
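Review bot: the link target in `[prevent malware infection](prevent-malware-infection)` has no file extension, so confirm it resolves in the published build or point it at the target file name. In the re-added paragraph above it, "known vulnerabilities and making sure these updates are applied" joins two independent clauses and needs a comma before "and".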