November 30, 2017

The 17-year-old vulnerability is still active


Cobalt Malware Spreads Using 17-Year-Old Vulnerability(Link)


<Summary>
❑ The vulnerability that existed for 17 years was patched by Microsoft in November of this year.
❑ A hacking group called Cobalt is using this vulnerability to spread malicious code. The related spam mails are disguised as the notice of rule changes in the payWave service.
* Threat actors exploit all vulnerabilities regardless of how old it is.
❑ Such this attacks which exploit vulnerabilities disclosed often occur. Therefore, frequent security updates should be required.