Subj : Microsoft Office security scams are on the rise - here's what you To : All From : TechnologyDaily Date : Thu Jul 20 2023 12:00:04 Microsoft Office security scams are on the rise - here's what you need to know Date: Thu, 20 Jul 2023 10:47:50 +0000 Description: Old Microsoft Office vulnerabilities continue to be fruitful for attackers simply because users arent applying security fixes. FULL STORY ====================================================================== Kaspersky has identified a number of recent cases of threat actors exploiting a years-old Microsoft Office vulnerability, targeting both individuals and companies alike. According to the researchers, 11,394 users had encountered attacks leveraging the CVE-2017-11882 vulnerability during the second quarter of 2023, an increase of 483% compared with the three months before during which there were 1,954 cases. Despite transitioning to a largely subscription-based model several years ago, Kaspersky acknowledges that older versions of Microsoft office software remain popular, urging users to stay on top of their cybersecurity. Attackers exploiting old Office vulnerability The now-patched issue affects Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016. Kaspersky says: This vulnerability allows attackers to exploit the equation editor in Microsoft Office documents, enabling them to execute malicious code on the targeted device. Read more > These are the best identity theft protection tools > Microsoft's security team says it's tracking over 100 ransomware actors > Update your iPhone now: Apples latest iOS update has crucial security fixes In essence, an attacker is able to install malware onto a victims device without them knowing. While interest in that vulnerability in particular have spiked in recent months, attackers continue to exploit old vulnerabilities across the board. More than 130,000 attacked users have been tracked in relation to CVE-2018-0802. CVE-2010-2568, CVE-2017-0199, and CVE-2011-0105 have also proven popular among attackers, each accounting for thousands of attacks. Kaspersky Malware Analyst Team Lead Alexander Kolesnikov said: Attackers have indeed started using this exploit again, stressing the fact that It is no less important to install software updates and patches on time. In fact, that is the companys first recommendation for those looking to reduce their risk of attack. More generally, users are being advised to check for mistakes and irregularities in URLs and other message content and to use suitable endpoint protection software . Give your machine a cybersecurity boost with the best firewalls and the best malware removal ====================================================================== Link to news story: https://www.techradar.com/pro/microsoft-office-security-scams-are-on-the-rise- heres-what-you-need-to-know --- Mystic BBS v1.12 A47 (Linux/64) * Origin: tqwNet Technology News (1337:1/100) .