Another Word For It Patrick Durusau on Topic Maps and Semantic Diversity

November 15, 2017

From Forever Vulnerable (aka Microsoft) – Seventeen Years of Vulnerability

Filed under: Cybersecurity,Microsoft,Security — Patrick Durusau @ 4:15 pm

A seventeen year old vulnerability was patched in the Microsoft Equation Editor yesterday.

For a semi-technical overview, see Office Equation Editor Security Bug Runs Malicious Code Without User Interaction by Catalin Cimpanu.

For all the details and a back story useful for finding vulnerabilities, see: Skeleton in the closet. MS Office vulnerability you didn’t know about by Embedi.

Walking through the steps in the post to “re-discover” this vulnerability is good exercise.

It’s not the fault of Microsoft that its users fail to patch/upgrade Microsoft products. That being said, CVE-2017-11882, with a seventeen year range, should be added to your evergreen list of Microsoft vulnerabilities.

No Comments

No comments yet.

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress