Tech News

Kaspersky Experts Uncover Old Vulnerabilities in Microsoft Office, Leading to a Surge in Attacks on Users and Businesses

By Aya Mohammed

Security experts at Kaspersky have recently discovered the existence of an old vulnerability in Microsoft Office that is currently being exploited by attackers targeting users and companies on a large scale.

Increased Exploitation:

Kaspersky experts have observed a 500% increase in the exploitation of the vulnerability with the code name CVE-2017-11882 since the beginning of this year, resulting in significant harm to thousands of users, another old vulnerability, coded as CVE-2018-0802, has emerged as the most widely used “attack weapon” among these criminals, affecting over 130,000 users.

Persisting Threat:

Due to the prevalence of older versions of Microsoft software, they remain highly attractive targets for these attackers, this highlights the critical importance of installing reliable security solutions and regularly updating the software.

Recent Discoveries:

During the second quarter of 2023, Kaspersky researchers discovered over 11,000 users who fell victim to attacks exploiting the old security vulnerability in Microsoft Office, known as CVE-2017-11882, this vulnerability allows attackers to exploit the equation editor tool in Microsoft Office documents, enabling them to execute malicious code on the targeted device.

Attack Method:

To exploit this vulnerability, attackers simply need to send a malicious file to potential victims or create a website with the same file type, using social engineering techniques to deceive users into opening it, despite the vulnerability being identified and patched long ago, there has been a 483% increase in exploitation during the second quarter of this year compared to the first quarter, indicating that old vulnerabilities can still be effective means of attacking users and corporate infrastructures.

List of Most Exploited Vulnerabilities:

– CVE-2018-0802: 130,126 affected users.
– CVE-2010-2568: 31,091 affected users.
– CVE-2017-0199: 13,537 affected users.
– CVE-2017-11882: 11,394 affected users.
– CVE-2011-0105: 10,646 affected users.

Security Recommendations:

Kaspersky experts advise following these measures to protect against threats related to exploiting different vulnerabilities:

1. Install patches to address new vulnerabilities promptly to prevent cybercriminals from exploiting them.
2. Verify links before clicking on them, checking for URL addresses, spelling errors, or other discrepancies, be cautious of phishing emails and fake websites.
3. Utilize endpoint protection and email server security solutions to combat phishing attacks and reduce the chance of falling victim to email-based attacks.
4. Companies should enhance the use of cybersecurity tools by implementing comprehensive detection and response solutions that gather data from various sources, including endpoints, networks, and cloud data.
5. Rely on suitable services and solutions such as Kaspersky Incident Response, Kaspersky Endpoint Detection and Response Expert, or Kaspersky Managed Detection and Response to identify and halt attacks in their early stages, preventing cybercriminals from achieving their ultimate objectives.


Related:

The Author:
Avatar of Aya Mohammed
Aya Mohammed

Aya Mohammed, born in 1991, from Port Said, holds a Bachelor's degree in Technology and Management Information Systems and a Master's degree in Business Administration.


Leave A Reply

Your email address will not be published.



All content published on the Nogoom Masrya website represents only the opinions of the authors and does not reflect in any way the views of Nogoom Masrya® for Electronic Content Management. The reproduction, publication, distribution, or translation of these materials is permitted, provided that reference is made, under the Creative Commons Attribution 4.0 International License. Copyright © 2009-2024 Nogoom Masrya®, All Rights Reserved.