I published the following diary on isc.sans.edu: “More Equation Editor Exploit Waves“:
This morning, I spotted another wave of malicious documents that (ab)use again CVE-2017-11882 in the Equation Editor (see my yesterday’s diary). This time, malicious files are RTF files. One of the samples is SHA256:bc84bb7b07d196339c3f92933c5449e71808aa40a102774729ba6f1c152d5ee2 (VT score: 19/57)… [Read more]
[The post [SANS ISC] More Equation Editor Exploit Waves has been first published on /dev/random]