(TechRepublic Premium)
But despite a security update being available to protect against the vulnerability for over three years, it's still the most frequent exploit used by cyber criminals to deliver malware via malicious Microsoft Office documents.
"The enduring popularity of Equation Editor exploits such as CVE-2017-11882 may be due to home users and businesses not updating to newer, patched versions of Office. We commonly see this vulnerability being exploited by attackers who distribute easily-obtainable [remote access trojans]," Alex Holland, senior malware analyst at HP Inc, told ZDNet.
The use of CVE-2017-11882 has dropped compared to the previous quarter, when it accounted for 87% of exploits used – but another vulnerability is gaining popularity, more than doubling in use in just the space of a few months.