New attack and exploitation data from Kaspersky Lab has revealed that Microsoft Office products are now the top target for cybercriminals.
During a presentation at its Security Analyst Summit, the company explained to attendees how 70 percent of the attacks its antivirus products detected in Q4 2018 were trying to exploit vulnerabilities in Microsoft Office.
The platforms targeted by cybercriminals have changed significantly during the last two years: Office accounted for just 16 percent in 2016. Hackers have now moved away from targeting web browsers and Adobe Flash in favor of Microsoft Office.
However, according to Kaspersky, “None of the top most exploited vulnerabilities are in MS Office itself. Rather, the vulnerabilities exist in related components.”
CVE-2017-11882 and CVE-2018-0802 are two of the most exploited vulnerabilities, yet they exist not in Office itself but in the software’s legacy Equation Editor component.
A researcher at Kaspersky Lab explained why malware authors prefer simple, logical bugs, saying:
“A look at the most exploited vulnerabilities of 2018 confirms exactly that: Malware authors prefer simple, logical bugs. That is why the equation editor vulnerabilities CVE-2017-11882 and CVE-2018-0802 are now the most exploited bugs in MS Office. Simply put, they are reliable and work in every version of Word released in the past 17 years. And, most important, building an exploit for either one requires no advanced skills.”
Because these vulnerabilities sit in components that have been used in Office for years, they affect a wide range of users and not just those on the latest version. Microsoft is also unlikely to remove these components any time soon, as doing so would seriously impact Office’s backward compatibility.