Microsoft is urging users to patch a two-year-old vulnerability that is being exploited in a fresh wave of attacks. The flaw, tracked as CVE-2017-11882, was patched in 2017, but many systems remain unpatched and vulnerable.
The new campaign involves spam emails containing malicious RTF attachments capable of exploiting the vulnerability in order to install a backdoor Trojan on compromised machines. CVE-2017-11882 has been exploited in various campaigns before. Another campaign exploiting this flaw in order to deliver a backdoor Trojan was detected only a week ago.