Microsoft Office Vulnerability Most Common Hacker Target

Malicious attachment launches provides the ability to deploy further malware

By By Dan Hounsell


As healthcare systems continue strengthening IT security against cyber attacks and the federal government issues guidance to support their efforts, information is emerging about the most common targets of hackers looking for valuable patient data and other information.

The most frequent exploit in the last three months caught by HP Sure Click was against an older, unpatched memory corruption vulnerability in Microsoft Office, accounting for nearly 75 percent of all exploits in the fourth quarter of 2020, according to a recent threat insights report from HP Bromium as reported by Health IT Security.

CVE-2017-11882, found in Equation Editor, is a memory-corruption vulnerability that can allow an attacker to execute remote code on vulnerable devices after the victim opens a malicious document typically sent in a phishing email. The malicious attachment launches the exploit and provides the ability to deploy further malware. Microsoft has provided a software update to eliminate the risk, but these unpatched systems are leaving the door open to attacks.



March 19, 2021


Topic Area: Information Technology


Recent Posts

Caravel Autism Health Opens New Therapy Clinic in Missouri

The clinic features colorful, sensory-friendly spaces.


On the Lookout: The Software Supply Chain as a Healthcare Cyberattack Vector

Staying watchful of third-party software vendors and their activities is critical for healthcare cybersecurity.


Hackensack Meridian Health & Wellness Center at Clifton Opens

The Clifton center expands health care access in Passaic County by reducing barriers such as travel and wait times.


Suffolk Breaks Ground on Expansion of White Plains Hospital

The 10-story, approximately 500,000-square-foot expansion is slated to open in 2028.


EVS Leadership Culture Critical in Preventing Hospital-Acquired Sepsis

Cleaning is an essential yet complex component for the prevention of HAI-induced sepsis.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

 
 
 
 

Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.