CyberNews Briefs

Kaspersky: 70 percent of attacks now target Office vulnerabilities

New Kaspersky Lab research shows that threat actors are increasingly trying to take advantage of security flaws in Microsoft Office products. In the last quarter of 2018, attackers went after Office flaws in a whopping 70% of attacks detected by Kaspersky. In Q4 of 2016 this number was still only 16%.

Kaspersky pointed out that “[n]one of the top most exploited vulnerabilities are in MS Office itself.” Instead, the two most exploited flaws (CVE-2017-11882 and CVE-2018-0802) affect Office’s legacy Equation Editor component. This is because “Malware authors prefer simple, logical bugs,” and the Equation Editor vulnerabilities are highly reliable, easy to exploit, and impact all Microsoft Word editions released in the past 17 years.

Read more: Kaspersky: 70 percent of attacks now target Office vulnerabilities

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.