Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Decades-old Microsoft Office Vulnerability to Deliver Malware

 

Systems Affected



Threat Level


High


Overview


With COVID-19 crisis, Cybercriminals are busy scamming and delivering malware using the attention-getting virus as a lure.


Description


According to the United States Secret Service (USSS) advisory, attackers are using two decade old Microsoft Office memory corruption vulnerability (CVE-2017-11882), for which Microsoft released a security patch in November 2017.

An attacker will send a phishing email disguised as coming from a hospital. E-mail contains a malware infected attachment mostly Microsoft office related documents such as excel file, word document, etc. Malware get active when victim opens the mail attachment.

Malware is capable of stealing credentials, open shares on networks and view all files and folders as well as discover and take cryptographic information.

There are chances that the attacker could send an email with .EXE file disguised as an PDF file fooling the recipients into believing that they were opening a PDF file containing list of needed supplies.


Impact


  ✻  Losing control of your windows PC
  ✻  Stealing credentials & personal information
  ✻  If the same password is used on other applications or computers in the same network, all of devices can get compromised
  ✻  Malware infections possible of ransomware viruses


Solution/ Workarounds


  ✻  Update Microsoft Office package
  ✻  Update operating system with the latest security patch
  ✻  Never open email attachments unless you know sender
  ✻  Refrain clicking unknown links


References


  ✻  https://www.csoonline.com/article/3536696/us-secret-service-warns-of-malicious-emails-offering-covid-19-information.html


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.