Criminals appear to have developed it knowing some users have not patched or updated to newer versions, Trend Micro says.
Organizations that do not patch critical vulnerabilities in the software they use can remain exposed to attacks indefinitely.
A case in point is a new malware variant that researchers at Trend Micro discovered targeting vulnerabilities that were discovered more than six years ago in Adobe Acrobat, Adobe Reader, and Microsoft Office software. Both companies had issued patches.
The malware is a variant of the Asruex Backdoor associated with DarkHotel, a group known for targeting business hotel visitors via hotel Wi-Fi networks. Asruex has been around since at least 2015 and allows attackers to take complete remote control of infected systems. It infects systems via a shortcut file, which, when opened, executes a PowerShell command that ultimately results in Asruex being downloaded on the system. The malware is designed to spread through network drives and removable drives, Trend Micro explained in an advisory this week.
Asruex Backdoor Variant Infects Word Documents and PDFs Through Old MS Office and Adobe Vulnerabilities - TrendLabs Security Intelligence Blog
Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex we found that a variant of the malware can also act as an infector particularly through the use of old MS Office and Adobe vulnerabilities.