[SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware

I published the following diary on isc.sans.edu: “A Good Old Equation Editor Vulnerability Delivering Malware“:

Here is another sample demonstrating how attackers still rely on good old vulnerabilities…  In 2017, Microsoft Office suffered from a critical vulnerability that affected its Equation Editor tool, known as CVE-2017-11882. It’s a memory corruption vulnerability that leads to remote code execution, pretty bad. It was heavily exploited at this time and I was curious to find a new document spread with the same good old vulnerability… [Read more]

The post [SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware appeared first on /dev/random.

Article Link: [SANS ISC] A Good Old Equation Editor Vulnerability Delivering Malware - /dev/random