One of the most popular security vulnerabilities among cyber criminals during the past few months is a software flaw in Microsoft Office that's over five years old – and it continues to be exploited because, despite a longstanding available security update, many businesses still haven't applied it.
Malware delivered in attacks exploiting CVE-2017-11882 includes Formbook, which secretly provides attackers with remote access capabilities, keystroke logging, and the ability to take screenshots, putting victims at risk of stolen usernames and passwords.
The vulnerability is also associated with the delivery of Redline, malware that steals usernames, passwords, credit card details and the contents of cryptocurrency wallets, along with the contents of chat logs.
Attacks looking to exploit CVE-2017-11882 often begin with phishing emails designed to lure victims into opening malicious documents, which trigger the bug.
Although a security patch for CVE-2017-11882 has been available for several years, the vulnerability is still prevalent enough to be commonly exploited by cyber criminals.
"These older technologies are still in use by many organizations due to certain dependencies or preferences. The continued use of legacy systems is why these older vulnerabilities live on and remain actively exploited years later," Nicole Hoffman, senior cyber-threat intelligence analyst at Digital Shadows told ZDNET.
While regularly applying security updates for all manner of software across an enterprise network can be challenging, this is one of the best things businesses can do to help protect their network and users from falling victim to cyberattacks – particularly if they focus on patching some of the most commonly exploited vulnerabilities.
"Organizations should employ a risk-based approach to their vulnerability and patch management processes. Not all critical vulnerabilities end up being exploited in the wild. Vulnerability Intelligence can help provide valuable context to enable organizations to make informed, risk-based decisions," said Hoffman.