Excel is still a security headache after 30 years because of this one feature | WHAT REALLY HAPPENED X-Frame-Options: DENY X-Frame-Options: SAMEORIGIN

Excel is still a security headache after 30 years because of this one feature

Microsoft released Excel 4.0 for Windows 3.0 and 3.1 in 1992 and many companies still use this functionality in legacy operations. The problem is that bad actors have started using Excel sheets and macros as a new way to deliver malware.

Tal Leibovich, head of threat research at Deep Instinct, explained at a presentation during DEFCON 29 why this legacy scripting language has been the vehicle for a recent rise in malware delivery. Leibovich presented "Identifying Excel 4.0 Macro strains using Anomaly Detection" with Elad Ciuraru last week. Deep Instinct is a cybersecurity company specializing in endpoint protection and using deep learning to stop cyberattacks.

Security organizations first noticed a spike in March 2020 of this kind of attack. Microsoft released a new runtime defense against Excel 4.0 macro malware in March. Leibovich said that he has seen a substantial increase over the last two years of hackers using Excel 4.0 Macros in attacks.

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA