Researchers at Trend Micro and Cisco’s Talos identified a new wave of phishing attacks leveraging CVE-2017-0199, a previously patched remote code execution vulnerability in the OLE (Windows Object Linking and Embedding) interface of Microsoft Office. The latest attacks have paired the vulnerability with others in an attempt to bypass warning messages displayed by Microsoft Word. But the attackers failed to test their code, as the two vulnerabilities they attempted to chain together didn’t work. The attacks start via email with an attached malicious RTF document.”]