Old vulnerabilities are still a big problem

A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote code execution. “Despite fixes for CVE-2017-11882/CVE-2018-0802 being released by Microsoft in November, 2017 and January, 2018, this vulnerability remains popular amongst threat actors, suggesting there are still unpatched devices in the wild, even after over five years,” says Fortinet researcher Xiaopeng Zhang. “We are observing and mitigating 3000 attacks … More →

The post …

agent agent tesla agent tesla rat big campaign code code execution cve cve-2017-11882 cybercrime don't miss exploit fixes flagged fortinet hot stuff january malware microsoft microsoft office november office old patching phishing phishing campaign popular problem qualys ransomware rat remote code remote code execution tesla threat threat actors vulnerabilities vulnerability