Typically, on Malware Mondays we warn our readers about new vulnerabilities and viruses, however, this week is a little different. This is not a new vulnerability found in Office but rather a 17 year old one that the bad guys are using to take control of your computer without user interaction.
Fortinet’s researchers discovered that the malware, called Cobalt, is in the wild and specifically coming through SPAM emails. These emails normally come with a file attached and a password to open it . This is to trick the victims into believing that the email came from legitimate financial services.
Once the file is opened, depending on your office configuration, Office will ask you to enable the content. At that point in time, the malware is downloaded and executes in the background taking control of the victim’s machine. Once the control of the machine is complete, the bad guys can attempt to jump and get control of any other computers on the same network.
Update and patch all your Office and Windows devices to fix this vulnerability. If you don’t know which one to download and install, just search and download the patch for the CVE-2017-11882 vulnerability.
Be safe out there, until next Malware Monday.