Microsoft Office vulnerabilities ‘targeted in 70% of attacks’
Hackers are increasingly looking to exploit vulnerabilities in Microsoft Office's suite of applications, with the proportion of attacks targeting the software increasing fourfold in the last two years.
This is according to new data from Kaspersky Lab, which found that 70 per cent of attacks it detected in the final quarter of 2018 were looking to take advantage of flaws in Office.
By comparison, just 16 per cent of attacks in Q4 of 2016 were focused on this area. Kaspersky said one reason for this growth in popularity is that an entire cyber crime ecosystem has built up around the technology, and once a vulnerability becomes known, exploits for it can appear for sale on the dark web within days, making it easier for malware distributors to target users.
"Bugs themselves have become much less complex, and sometimes a detailed write-up is all a cybercriminal needs to build a working exploit," the company stated.
Kaspersky noted, however, that the majority of exploits are not aimed at Office programs themselves, but rather vulnerabilities that exist in related components that come as part of the Office package.
For instance, two of the most exploited vulnerabilities highlighted are targeted at Office's legacy Equation Editor component.
"Malware authors prefer simple, logical bugs," the company said. "That is why the equation editor vulnerabilities CVE-2017-11882 and CVE-2018-0802 are now the most exploited bugs in MS Office. Simply put, they are reliable and work in every version of Word released in the past 17 years."
Therefore, not all of the vulnerabilities used will directly impact Office tools, but simply exploit files that are used within the suite's applications.
Kaspersky's findings have also been backed up by recent research from security firm Recorded Future. In its latest vulnerability report, the company found eight out of the top ten vulnerabilities seen in 2018 were targeted at Microsoft products, six of which are either related to direct flaws in Office, or are vulnerabilities that are exploitable via Office files.
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.