CVE-2017-11826 analysis in Depth
CVE-2017-11826 is a memory corruption vulnerability that allows a remote attacker to execute arbitrary code by tricking a victim into opening a specially crafted file. The problem affects all supported versions of MS Office.
Gradiant ‘Security and Privacy team has received and analysed a sample of an office document that, instead of incorporating a malicious macro, exploits the 0-day vulnerability identified as CVE-2017-11826 which patch was published on October 17, 2017. After analysis The affected content was classified as a type confusion.
This article shows an analysis of the office document. The research team noticed a slight increase in the number of malicious office documents that do not use macros. Therefore it is important to constantly update the software.