Microsoft Office is one of the most popular productivity tool available in the market. While this is a good thing for Microsoft, it also means that it’s targeted by hackers as well.
In the annual conference, Kaspersky stated that as much as 70% of the entire attacks Kaspersky Lab caught are targeting “Microsoft Office” and 14% of those attacks take advantage of browser issues. According to researchers Alexander Liskin, Boris Larin and Vlad Stolyarov, the attacks on Office have increased in the last two years pressuring users to stay up-to-date as well. Researchers also noted that the reason hackers choose the platform is that it offers and supports different kind of file formats, that is rooted in the “Windows” operating system. Two of the major vulnerabilities pointed out by Kaspersky are- CVE-2017-11882, CVE-2018-0802. The company took the example of these vulnerabilities to demonstrate why it’s important to say vigilant at all times. In case you didn’t know, these vulnerabilities take advantage of the less protected Equation Editor to attack.
Researchers took time to study the previous attacks and most of those start with a simple zero-day vulnerability and once it’s out there, the exploit quickly makes it to the Dark Web. The solution to staying safe is the one that has been always suggested- Make sure your software is up-to-date and don’t open files from strangers or files that look suspicious. Even if a source is trusted, it takes minutes to scan the file before downloading and opening it. While we do hope Microsoft comes up with a permanent solution, it does seem unlikely considering the fact that no piece of hardware or software is 100% safe.