Microsoft Office security scams are on the rise - here's what you need to know

News
By Craig Hale
published

Patch now to avoid exposure to old Microsoft Office vulnerabilities

Microsoft Office
(Image credit: Shutterstock / monticello)

Kaspersky has identified a number of recent cases of threat actors exploiting a years-old Microsoft Office vulnerability, targeting both individuals and companies alike.

According to the researchers, 11,394 users had encountered attacks leveraging the CVE-2017-11882 vulnerability during the second quarter of 2023, an increase of 483% compared with the three months before during which there were 1,954 cases.

Despite transitioning to a largely subscription-based model several years ago, Kaspersky acknowledges that older versions of Microsoft office software remain popular, urging users to stay on top of their cybersecurity.

Attackers exploiting old Office vulnerability

The now-patched issue affects Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016. Kaspersky says:

“This vulnerability allows attackers to exploit the equation editor in Microsoft Office documents, enabling them to execute malicious code on the targeted device.”

Read more

> These are the best identity theft protection tools

> Microsoft's security team says it's tracking over 100 ransomware actors

> Update your iPhone now: Apple’s latest iOS update has crucial security fixes

In essence, an attacker is able to install malware onto a victim’s device without them knowing.

While interest in that vulnerability in particular have spiked in recent months, attackers continue to exploit old vulnerabilities across the board. More than 130,000 attacked users have been tracked in relation to CVE-2018-0802.

CVE-2010-2568, CVE-2017-0199, and CVE-2011-0105 have also proven popular among attackers, each accounting for thousands of attacks.

Kaspersky Malware Analyst Team Lead Alexander Kolesnikov said: “Attackers have indeed started using this exploit again,” stressing the fact that “It is no less important to install software updates and patches on time.”

In fact, that is the company’s first recommendation for those looking to reduce their risk of attack. More generally, users are being advised to check for mistakes and irregularities in URLs and other message content and to use suitable endpoint protection software.

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!