Skip to main content

Microsoft Office is a top target for malware devs

Image Credit: Pixabay
Audio player loading…

New attack and exploitation data from Kaspersky Lab has revealed that Microsoft Office products are now the top target for cybercriminals.

During a presentation at its Security Analyst Summit, the company explained to attendees how 70 percent of the attacks its antivirus products detected in Q4 2018 were trying to exploit vulnerabilities in Microsoft Office.

The platforms targeted by cybercriminals have changed significantly during the last two years as Office used to account for just 16 percent in 2016. Now hackers have moved way from targeting web browsers and Adobe Flash in favor of Microsoft Office.

However, according to Kaspersky, “None of the top most exploited vulnerabilities are in MS Office itself. Rather, the vulnerabilities exist in related components.”

Outdated components

CVE-2017-11882 and CVE-2018-0802 are two of the most exploited vulnerabilities yet they do not exist in Office itself but rather in the software's legacy Equation Editor component.

A researcher at Kaspersky Lab explained why malware authors prefer simple, logical bugs, saying:

"A look at the most exploited vulnerabilities of 2018 confirms exactly that: Malware authors prefer simple, logical bugs. That is why the equation editor vulnerabilities CVE-2017-11882 and CVE-2018-0802 are now the most exploited bugs in MS Office. Simply put, they are reliable and work in every version of Word released in the past 17 years. And, most important, building an exploit for either one requires no advanced skills."

By taking advantage of components that have been used in Office for years, these vulnerabilities are able to affect a wide range of users and not just those on the latest version. Also Microsoft will not likely remove these components any time soon as they would seriously impact Office's backward compatibility.

Via ZDNet

  • Keep your devices and software protected from cybercriminals with the best antivirus

After getting his start at ITProPortal while living in South Korea, Anthony now writes about cybersecurity, web hosting, cloud services, VPNs and software for TechRadar Pro. In addition to writing the news, he also edits and uploads reviews and features and tests numerous VPNs from his home in Houston, Texas. Recently, Anthony has taken a closer look at standing desks, office chairs and all sorts of other work from home essentials. When not working, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.