Microsoft Office Was Hackers' Favorite App Target This Year

Antivirus software blocks all manner of attacks and malware on a daily basis, and that data can give security software providers a comprehensive look at how the threat landscape is evolving. Kaspersky blocked 796.8 million attacks around the globe in Q1 2018, and the company found that one popular productivity suite was the victim of more than 47 percent of exploits: Microsoft Office.

The Why Axis BugKaspersky Labs' IT Threat Evolution report identified over 282 million malicious URLs and more than 179,000 ransomware attackers, but the report also breaks down the applications targeted most by cybercriminals. In Q1, Microsoft Office exploits accounted almost half of the app vulnerabilities at 47.15 percent, more doubling its average from 2017.

Kaspersky said this came down to one frequently used Microsoft Office vulnerability named CVE-2017-11882, which exploits an old Microsoft Office componen, Equation Editor, to bypass the suite's security and launch an attack. It affects Microsoft World, Excel, and and Office apps ranging from 2007 to 2016.

Next to Office, web browsers were the most-targeted apps. Those attacks accounted for around 23.5 percent of the total in Q1 2018, followed by the Android mobile operating system at 20.7 percent.

The last piece of the pie is made up of Adobe Flash, which has had zero-day vulnerabilities exploited in all sorts of hacks; the Java runtime environment; and apps that work with PDFs.

Similar Articles:

Microsoft menaced with GDPR mega-fines in Europe for 'large scale and covert' gathering of people's info via Office

Microsoft menaced with GDPR mega-fines in Europe for 'large scale and covert' gathering of people's info via Office

Microsoft Violates GDPR by Covertly Collecting MS Office Data

Microsoft Violates GDPR by Covertly Collecting MS Office Data

Dutch government report says Microsoft Office telemetry collection breaks GDPR

Dutch government report says Microsoft Office telemetry collection breaks GDPR

Report: Microsoft’s enterprise products covertly gather personal data on users

Report: Microsoft’s enterprise products covertly gather personal data on users