Microsoft warns of email campaign exploiting an old bug [CVE-2017-11882]
Microsoft’s Security Intelligence team has warned against an active malware campaign using emails in European languages distributes RTF files that carry the CVE-2017-11882 exploit.
An active malware campaign using emails in European languages distributes RTF files that carry the CVE-2017-11882 exploit, which allows attackers to automatically run malicious code without requiring user interaction. pic.twitter.com/Ac6dYG9vvw
— Microsoft Security Intelligence (@MsftSecIntel) 7 June 2019
The campaign exploits a vulnerability which the company fixed and issued a patch for back in 2017. The flaw reportedly affected all versions of Microsoft Office, Microsoft Windows and architecture types dating back to 2000.
The vulnerability allows attackers to automatically run malicious code without requiring user interaction.
Organisations and individuals should apply Microsoft’s security patches as soon as possible.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.