Year-to-date CVE-2017-11882 is over 500%
Kaspersky discovered that an old Microsoft Office vulnerability is gaining popularity among attackers targeting both regular users and businesses. Since the beginning of the year, the operation of CVE-2017-11882 has increased by nearly 500% and affected thousands of people. Popular and still a very hot target for attackers, is to install a reliable security solution and update your software normally.
During the current quarter of 2023, Kaspersky researchers detected that more than 11,000 users encountered attacks that exploited an old vulnerability in Microsoft Office software, known as CVE-2017-11882. The vulnerability allows attackers to exploit the equation editor in Microsoft Office documents, allowing them to execute malicious code on the target device. As a result, malicious or unwanted software can be installed without the user’s knowledge. Create an online page with the same type of record and then try to trick other people into opening it with social engineering techniques.
Although the vulnerability has been known for a long time and was fixed, there is a 483% accumulation of exploits in the current quarter compared to the first quarter of this year. This alarming trend indicates that even old vulnerabilities remain an effective approach to attacking customer devices and organizations’ infrastructures.
Number of attacked users CVE-2017-11882, 2023
“In fact, the attackers have started this exploit again. It is very likely that they will try to implement new obfuscation techniques to evade detection. For example, they might try to insert new types of malicious knowledge into Microsoft Office documents. However, the displayed security responses designed for universal detection will still prevent such attacks and protect users. It is no less important to install software updates and patches on time,” said Alexander Kolesnikov, head of Kaspersky’s malware analyst team.
Exploits for vulnerabilities
The number of attacked
CVE-2018-0802
130126
CVE-2010-2568
31091
CVE-2017-0199
13537
CVE-2017-11882
11394
CVE-2011-0105
10646
Exploit detections for vulnerabilities through the number of attacked users, Q2 2023
The established trend persisted during this period, with attackers proceeding to rely on old vulnerabilities in Microsoft software as their number one tools. Frequently, they exploited CVE-2018-0802 to the fullest. More than 130,000 more people have fallen victim to the corresponding attacks. The exploitation of this vulnerability sometimes follows the same trend as the CVE-2017-11882 mentioned above, which involves memory corruption where an attacker can simply take control of the formula using a specially crafted file.
CVE-2010-2568, CVE-2017-0199, and CVE-2011-0105 are also on the list of top exploits detected in the current quarter. The former comes to code execution via a specially crafted LNK file, while the latter two are connected to the Microsoft Office suite.
To protect against threats such as exploiting vulnerabilities, Kaspersky experts recommend:
About Kaspersky
Kaspersky is a global cyber security and virtual privacy company founded in 1997. Kaspersky’s deep expertise in security and risk intelligence is constantly being reshaped into state-of-the-art solutions and facilities to protect businesses, critical infrastructure, governments and consumers around the world. 00 Business consumers protect the issues that matter most to them. Learn more about www. kaspersky. com.
Disclaimer: The content of this press release has been provided through a third-party vendor. This online page is not guilty of this external content and does not. This content is provided on an “as is” and “as available” basis and has not been modified in any way. Neither this online page nor our affiliates guarantee the accuracy or endorse the views or reviews expressed in this press release.
The press release is provided for informational purposes only. The Content does not provide tax, legal or investment recommendations or reviews relating to the relevance, price or performance of any specific security, portfolio or investment strategy. Neither this nor our affiliates will be liable for any errors or inaccuracies in the content, or for any action taken through you based thereon. You expressly agree that your use of the data contained in this segment is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent, subsidiaries, affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors shall be liable (jointly or individually) to you for any damages, indirect, consequential, special, incidental, punitive or exemplary, including, but not limited to, lost profits, lost savings and lost revenue, Whether for negligence, tort, contract or any other theory of liability, even if the parties have requested the option or may simply have foreseen such damages.