Hackers Have Revived a Decade-old Microsoft Office Exploit

Hackers have ramped up attempts to abuse a decade-old Microsoft Office flaw with the help of inventive new email scams, a new analysis has found.

According to an analysis commissioned by NordVPN, attempts to exploit the vulnerability (CVE-2017-11882) rose by 400% in the second quarter of the year, with a further increase expected.

If exploited successfully, the memory corruption bug may allow attackers to execute code on the target machine remotely. This is particularly problematic if the affected user account has administrative privileges, in which case the attacker may seize control of the system.

Once inside, a malicious actor may install programs at will, access and delete data, and create new accounts with full access rights.

Microsoft Office vulnerability

According to the Microsoft security listing, to abuse the vulnerability hackers must trick targets into opening a specially crafted file with an affected version of Microsoft Office or Microsoft WordPad.

The most common and efficient means of distributing these malicious files is via email phishing campaigns, many of which are extremely convincing and manipulative.

For instance, the US Secret Service (USSS) warned citizens of an email scam in April, at the peak of the pandemic, that attempted to lure victims into opening an attachment that claimed to contain important coronavirus information.

By preying on human insecurities and attaching scams to macro world events, hackers are able to infect a large pool of victims with relative ease.

“The malware concentrating on a decade-old MS Workplace vulnerability will need to have been below the radar because it has been spreading via emails for 3 years now,” explained Daniel Markuson, Digital Privacy Professional at NordVPN.

According to the company, businesses are at heightened risk of this type of attack, on account of the value of data held in corporate networks and also due to the fallibility of workers.

“When inner corporate systems get breached, 99% of instances are caused by workers. The most well-liked method to lure employees into the lure is by electronic mail,” added Markuson.

“Businesses should keep alert and should make use of defense-in-depth ways and equip themselves with multi-layered safety mechanisms, together with high-sensor spam filters and a VPN connection, which might stop malicious pages from opening.”

Individual users, meanwhile, are advised to scrutinize emails for abnormalities that may identify a scam (such as spelling errors) and make sure the sender address looks normal.