Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware
Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware
21 December 2023
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla.
The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office's