Decades-old Microsoft Office vulnerable to deliver malware: CERT

The Sri Lanka Computer Emergency Response Team (CERT) issued a red alert today on the vulnerability to transmit malware through usage of decades old Microsoft Office software in order to steal personal data of end users, the cyber agency said.

Indicating the threat level as' High', the CERT said that with the COVID-19 crisis, Cybercriminals are busy scamming and delivering malware using the attention-getting virus as a lure.

According to the United States Secret Service (USSS) advisory, attackers are using two decade old Microsoft Office memory corruption vulnerability (CVE-2017-11882), for which Microsoft released a security patch in November 2017.

An attacker will send a phishing email disguised as coming from a hospital. E-mail contains a malware infected attachment mostly Microsoft office related documents such as excel file, word document, etc. Malware get active when victim opens the mail attachment. Malware is capable of stealing credentials, open shares on networks and view all files and folders as well as discover and take cryptographic information.

There are chances that the attacker could send an email with .EXE file disguised as an PDF file fooling the recipients into believing that they were opening a PDF file containing list of needed supplies. Instructions by CERT to secure personal data online as folows:

Impact

✻  Losing control of your windows PC
✻  Stealing credentials & personal information
✻  If the same password is used on other applications or computers in the same network, all of devices can get compromised
✻  Malware infections possible of ransomware viruses

Solution/ Workarounds

✻  Update Microsoft Office package
✻  Update operating system with the latest security patch
✻  Never open email attachments unless you know sender
✻  Refrain clicking unknown links

References

✻  https://www.csoonline.com/article/3536696/us-secret-service-warns-of-malicious-emails-offering-covid-19-information.html