One of the key messages broadcasted by security professionals is: “Patch, patch and patch again!”. But they are nasty vulnerabilities that remain exploited by attackers even if they are pretty old. %%cve:2017-11882%% is one of them: this remote code execution affects Microsoft Office and, more precisely, the good old “Equation Editor”. This tool was even killed by Microsoft due to numerous security issues[1]. But it still remains used by attackers to spread modern malware.
This article has been indexed from SANS Internet Storm Center, InfoCON: green
Read the original article: