loader gif

Microsoft warns about email spam campaign abusing Office vulnerability

Microsoft warns about email spam campaign abusing Office vulnerability (Identity Theft, Fraud, Scams)

Microsoft's security researchers have issued a warning on Friday afternoon about an ongoing spam wave that is spreading emails carrying malicious RTF documents that infect users with malware without user interaction, once users open the RTF documents. An active malware campaign using emails in European languages distributes RTF files that carry the CVE-2017-11882 exploit, which allows attackers to automatically run malicious code without requiring user interaction. Back in 2017, security researchers from Embedi discovered a bug in this older component that allowed threat actors to execute code on users' device without any user interaction whenever a user would open a weaponized Office file that contained a special exploit. Because Microsoft appeared to have lost the source code for this old component, and after the discovery of a second Equation Editor bug in 2018, Microsoft decided to remove the older Equation Editor component altogether from the Office pack in January 2018. Malware operators have jumped on this exploit and have weaponized it ever since the end of 2017, knowing they'll have ample time to take advantage of forgetful users who don't bother with security updates.

loader gif