MS Office Heavily Exploited By Cybercriminals

PreciseSecurity.com released a report in which they explained that the most commonly exploited applications worldwide this third quarter were linked to MS Office. Most of these attacks came from the United States followed by the Netherlands and Germany, among others.

As per this data, MS Office solutions and applications were the most commonly exploited by cybercriminals around the world. Data shows that exactly 72.85% of cyber exploits were performed in MS Office products as of the third quarter of this year.

MS Office products were followed by Browsers with 13.47% of the total number of exploits by cybercriminals, Android with 9.09%, Java with 2.36%, Adobe Flash with 1.57% and PDF with 0.66%.

In computer security, an exploit makes reference to individuals such as hackers or criminals that make use and take advantage of a bug or vulnerability in a specific software or computer program. In many cases, these exploits can be very costly for companies and other customers that could eventually be affected.

Moreover, the data collected by PreciseSecurity.com shows that the top 5 countries that are sources of web-based attacks include the United States with 79.16% of the market share. This is followed by the Netherlands with 15.58%, Germany with 2.35%, France with 1.85% and Russia 1.05%.

Some of the most common vulnerabilities in MS Office were related to stack overflow errors in the Equation Editor application. Other vulnerabilities were CVE-2017-8570, CVE-2017-8759, and CVE-2017-0199, among others.

Another important vulnerability was related to a zero-day issue CVE-2019-1367 that produced memory corruption and allowed remote code execution on the target system.

Nowadays, browsers are very complex products that tend to have many vulnerabilities. This happens because hackers and attackers are at all times finding and searching for new bugs to exploit and take advantage of.

Many of these vulnerabilities found in the last quarter aimed at privilege escalation inside the system stem from individual operating system services and popular applications.

Companies, applications, and firms are trying to avoid these exploits and reduce them to the minimum. In general, they are very costly and can affect a larger number of users. However, hackers and attackers are usually ready to find new bugs and use them to take advantage of these systems.

Some of the worst exploits are related to financial applications that could have a negative financial effect on other users or individuals. At the same time, financial data is becoming increasingly important and valuable in the dark web, which is pushing hackers and attackers to obtain this data as well to sell it later to scammers and other malicious parties.