The U.S. Cyber Command has found that a known Microsoft Outlook bug is being used to launch malicious attacks, Nextgov reported Friday. CYBERCOM said in a tweet dated July 3 that it recommends immediate patching for systems that may be impacted by malware.
According to Milpita, Calif.-based cybersecurity firm FireEye, Â Iranian and other adversary hackers have been exploiting the CVE-2017-11774 bug to âcause confusion for many security professionals.â
âIf Outlook launches something malicious, a common assumption is that the impacted user has been phished â which is not what is occurring here. The organization may waste valuable time without focus on the root cause,â the company said in a statement.
Previously, FireEye published a blog post that identifies a group called APT33 that works âat the behest of the Iranian governmentâ as the source for such threats.