Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I By FortiGuard Labs

Sep 20, 2022


An embedded file in an Excel Document was recently captured by FortiGuard Labs and analyzed.

The file exploits the vulnerability CVE-2017-11882 to execute malicious code, which delivers and executes malware on a victim’s device.

What is CVE-2017-11882?

CVE-2017-11882 is a 17-year-old memory corruption issue in Microsoft Office (including Office 365). When exploited successfully, it can let attackers execute remote code on a vulnerable machine, even without user interaction, after a malicious document is opened.

Affected platforms: Microsoft Windows

Impacted parties: Windows Users

Affected Applications: Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016

Impact: Control and Collect Sensitive Information from Victim’s Device.

Severity level: Critical

Open the link below to read more on how the attack works, as analyzed by FortiGuard Labs.

Excel Document Delivers Multiple Malware By Exploiting CVE-2017-11882 – Part I

Open the link below to see the CVE description.


How to protect yourself and your data

  • Update the affected Microsoft Office products using the link below, or check for updates from your Microsoft OS
  • Patch and update systems and their applications
  • Implement security mechanisms that can mitigate further exposure of sensitive data
  • Use antivirus software or endpoint protection software
  • Use a firewall appliance that implements Web Filtering, IPS and Antivirus services