2020-05-21 00:00:00

SecurityCISA|document|exploit|hacking|list|Microsoft|office|ranking|top 10|vulnerability

Top 10 most exploited software security holes hide in office documents

People who work with open source software tend to be concerned about vulnerabilities in Wordpress, Java and other popular products, but criminals and spies who want direct access inside a business or government organization prefer exploiting security holes in office documents. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a top 10 list of the most exploited security problems in software from 2016 until 2019.

If someone wants to access computers and data inside an organization, and decided to hack his or her way in via office documents, what is the most popular product that almost everyone is using? Microsoft Office, and file formats that it uses.

In that sense it is not a surprise that security problems in Microsoft products dominate the most exploited top 10 list, but it is a surprise that patches for these widely known security holes have been available for a long time. Organizations that have been hacked just haven't bothered to update their software products.

Top 10 security problems in software products by CISA

  1. A remote code execution vulnerability in Microsoft Office products is used to bypass security settings. The problem has been known since 2017. (CVE-2017-11882)
  2. Another remote code execution hole in Microsoft Office allows an attacker to run his own software (delivered in a document) on a user’s computer. It is used, for instance, by banking and spyware trojans such as Dridex. (CVE-2017-0199)
  3. A remote code execution problem in Apache Struts, exploited in the Equifax hack of 2017. Apache Struts is a framework for Java applications.(CVE-2017-5638)
  4. Eight years old problem in Windows ActiveX component hasn't been updated on all computers, but can still be exploited, for instance, by the Dridex banking trojan. (CVE-2012-0158)
  5. Microsoft SharePoint, an intranet service platform, has a remote code execution vulnerability that was exploited in an attack to the United Nations infrastructure in Geneva in 2019. (CVE-2019-0604)
  6. A remote code execution hole in Microsoft SMB (file and printer sharing service within local office network) is so popular attack vector that it has been incorporated into the EternalSynergy and EternalBlue software kits available on the internet. (CVE-2017-0143)
  7. Fortunately, the use of Adobe Flash Player has been declining for a few years already, but since 2018 attackers have been and still are targeting a vulnerability in the software. (CVE-2018-4878)
  8. Microsoft .NET Framework has a remote code execution vulnerability that has allowed, for instance, FinFisher spyware to get in to office networks. (CVE-2017-8759)
  9. All organizations that use RTF document format beware: a security problem in Microsoft Office allows a hacker to run his own program that is distributed inside a RTF document. (CVE-2015-1641)
  10. Open source content management and publishing system Drupal has a core vulnerability that has been used to run cryptomining code Kitty. (CVE-2018-7600)

CISA also warns that in 2020, two new attack techniques are growing at an alarming rate:

  • VPN servers that haven't been updated are a new target. Particularly, Citrix VPN appliances and Pulse Secure VPN servers are being attacked.
  • Microsoft Office 365 cloud services are a new frequently attacked target.

Via The Register.

News

2025-01-21 18:01:00

Well, they are capitals of European countries that have been awarded an extra honor for 2025 by the #EU Commission. These capital awards are annual, so here are the cities selected to represent the best city in each category in 2025. #Europehttps://klaava.com/sure-states-have-capitals-but-in-europe-there-are-also-culture-smart-and-green-capitals/


News

2025-01-15 08:59:00

Not to mention travel – when real life experiences in a destination don’t match the expectations and everything that can go wrong, goes wrong. Well, that’s the beauty of #travel. #Europehttps://klaava.com/nitpickers-travel-journal-travel-lessons-learned-in-2024/


News

2025-01-11 13:25:00

A conclusion from the Traffic Scorecard 2024 results is it takes about double the time to drive along the streets of London (the most congested city in #Europe) than the streets of Munich, which is ranked the 21st most congested European city. #traffic #travelhttps://klaava.com/the-cities-in-europe-where-people-are-stuck-in-traffic-most-often/


A shop dedicated to tasty juice

2025-01-09 14:04:10

arihak

A shop dedicated to tasty juice


in the busy old town center.

2025-01-08 16:16:08

in the busy old town center.


News

2025-01-07 14:56:00

A reminder for keeping your data safe when traveling. Why? It is likely that you have to access your most critical data in risky situations on the road.https://cybernews.com/privacy/how-to-protect-your-sensitive-information-while-traveling/


News

2025-01-02 16:33:00

What about the scenery, you who are hurrying to the other side?#streetphotography#streetphoto


News

2025-01-01 16:06:00

According to a survey, third of travelers are victims of online booking scams. Since it is so convenient to make travel reservations online, that’s what we do. The problem is that we haven’t adopted new methods to avoid online scams. #travel #scamhttps://klaava.com/a-traveler-is-more-likely-to-get-scammed-when-booking-a-trip-than-being-robbed-in-a-destination/


Perhaps road builders had too much time?

2024-12-29 15:19:44

Perhaps road builders had too much time?


News

2024-12-27 18:25:00

#Photography is full of so-called “rules” that can feel overwhelming. However, some of these “rules” are downright myths.https://www.diyphotography.net/debunking-seven-common-myths-photographers-still-believe-in/


What should I read next?

2024-12-25 15:18:22

arihak

What should I read next?


News

2024-12-23 11:34:00

Since #EU #DMA has specified #Apple as a #gatekeeper in #mobile devices, EU considers Apple should implement several iOS connectivity features, predominantly used for and by connected devices. For instance, notifications, automatic Wi-Fi connection, AirPlay, AirDrop, or Bluetooth audio switching.https://digital-markets-act.ec.europa.eu/commission-seeks-feedback-measures-apple-should-take-ensure-interoperability-under-digital-markets-2024-12-19_en


News

2024-12-21 14:51:00

Smartphone users in the US are not impressed with the latest artificial intelligence features on their devices with 73 percent of Apple users and 87 percent of Samsung users unsatisfied, according to a new study. #phone #AIhttps://petapixel.com/2024/12/19/majority-of-smartphone-users-are-unimpressed-with-ai-features-study-finds/


There should be enough ice already to open the hotel

2024-12-20 16:40:17

There should be enough ice already to open the hotel


Hiking on a mountain experience: the end of an ancient tunnel

2024-12-09 14:12:31

arihak

Hiking on a mountain experience: the end of an ancient tunnel


on a hot summer day

2024-12-02 18:47:01

on a hot summer day


Cloudy day in a valley

2024-11-25 16:31:59

arihak

Cloudy day in a valley


In the shade of a lone palm tree

2024-11-25 15:46:29

In the shade of a lone palm tree


an abandoned town?

2024-11-07 18:35:22

an abandoned town?


A quiet moment between heavy rain

2024-10-24 17:34:45

A quiet moment between heavy rain