CVE-2017-11882

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 through 2016

Description The issue is related to the improper handling of objects in memory, allowing an attacker to run arbitrary code in the context of the current user. This can be exploited by opening a specially crafted file with a vulnerable version of Microsoft Office or Microsoft WordPad. The vulnerability has been exploited in real-world incidents, including phishing attacks where attackers send emails with malicious attachments that exploit the vulnerability to download and execute malware, such as Remcos RAT. The estimated number of potentially affected devices worldwide is not specified, but it is known that the vulnerability has been used to target companies, enterprises, government agencies, and banks in various industries, including financial, logistic, and government sectors.

Recommendations For Microsoft Office versions 2007 through 2016, apply the security patch to ensure the software is up to date. Additionally, avoid using administrator privileges when handling office documents, and consider disabling the vulnerable component until a patch is available. As a temporary workaround, restrict access to the vulnerable module to minimize the risk of exploitation.