Cofense Email Security

Phish Fryday – Phishing with the Microsoft Equation Editor Vulnerability

Back in 2017, Microsoft announced a vulnerability in their Equation Editor, dubbed CVE-2017-11882. This memory corruption vulnerability allowed attackers to execute malicious code in the context of the exploited user. Here we are in 2020 and the vulnerability is still be exploited in phishing attacks. In this episode we speak with Cofense Cyber Threat Intelligence Analyst Max Gannon about what the vulnerability is, why it’s still being exploited, and what organizations can do to better defend against these attacks.

For more information on topics mentioned in this episode, please visit:

NIST CVE Details

Cofense “Patch or Pass” blog post

Questions or comments? Reach us at [email protected]

Discover how phishing awareness training can help your organization defend against changing phishing threats.

Share This Article
Facebook
Twitter
LinkedIn

Search

We use our own and third-party cookies to enhance your experience. Read more about our cookie policy. By clicking ‘Accept,’ you acknowledge and consent to our use of all cookies on our website.