Cybercriminals are still exploiting a 2017 vulnerability in Microsoft Office Equation Editor, despite it being discontinued in 2018. This exploit can lead to remote code execution and keylogger installation, posing significant security risks. #CVE2017-11882 #MicrosoftOffice #EquationEditor
Keypoints
- Cybercriminals continue to target the unpatched CVE-2017-11882 vulnerability in Microsoft Office Equation Editor.
- The vulnerability allows remote code execution, enabling attackers to take control of affected systems.
- Microsoft discontinued the Equation Editor in 2018 due to security flaws, replacing it with a new version.
- Attackers use malicious files, including VisualBasic-enabled add-ins, to exploit older Office versions.
- Users running unsupported Office versions are advised to update or disable the affected software to prevent attacks.
Read More: https://www.theregister.com/2025/08/13/crooks_cant_let_go_active/