Back in 2017, Microsoft announced a vulnerability in their Equation Editor, dubbed CVE-2017-11882. This memory corruption vulnerability allowed attackers to execute malicious code in the context of the exploited user. Here we are in 2020 and the vulnerability is still be exploited in phishing attacks. In this episode we speak with Cofense Cyber Threat Intelligence Analyst Max Gannon about what the vulnerability is, why it’s still being exploited, and what organizations can do to better defend against these attacks.
For more information on topics mentioned in this episode, please visit:
Cofense “Patch or Pass” blog post
Questions or comments? Reach us at [email protected]
Discover how phishing awareness training can help your organization defend against changing phishing threats.