Get patching: US, UK, and Australia issue joint advisory on top 30 exploited vulnerabilities | WHAT REALLY HAPPENED X-Frame-Options: SAMEORIGIN

Get patching: US, UK, and Australia issue joint advisory on top 30 exploited vulnerabilities

At the end of almost seven months in 2021, one of the 30 most exploited vulnerabilities dates from 2017, according to the US Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom's National Cyber Security Centre (NCSC), and the US FBI.

CVE-2017-11882 is the holder of the dubious honour, and it is due to a stack buffer overflow in the equation editor of Microsoft Office, which can lead to remote code execution (RCE). It is an exploit that vendors have been banging on about for years already.

The quartet of agencies said on Wednesday that the easiest way to fix this hole, and the 29 others listed, would be to patch systems.

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA