Trojan exploits unpatched Word vulnerability
PrintReal and present danger
Posted in Software & Security, 22nd May 2006 11:42 GMT
Free whitepaper – What Exchange can't do - and Dell can
Hackers have developed malicious code designed to exploit an unpatched vulnerability in Microsoft Word 2002 and 2003.
Maliciously-constructed Word documents containing the Mdropper-H Trojan have begun to circulate on the net in messages that pose as internal emails. The malware contains a number of objects (such as PowerPoint slides and Excel charts) along with Backdoor-Ginwui, which opens a back door that allows hackers to control compromised Windows PCs.
"This threat originated in Asia but is not spreading widely because it seems to be targeted at specific large organisations," Symantec Security Response senior director Vincent Weafer said. "Symantec has seen similar types of targeted attacks in the past which leveraged exploits in office applications, such as Word. This event illustrates the trend toward zero-day targeted attacks."
Microsoft says it is working on a patch designed to fix the underlying vulnerability in MS Word, though it's unclear when an update will be ready.
The SANS Institute has published an advisory on how to defend against Mdropper-H attacks. ®
Free whitepaper – Managing desktop software for fun and profit
The Register Agile Data Center Summit
Straight Talk with Dell: Sending out an SaaS
Seven ways to optimize VMware server virtualization
Automating the Acquisition Process with Enterprise Level CRM
Sign up, sign up for The Register IT security newsletter
Microsoft's Windows 7 price gamble - and why it's flawed
Managing Desktop Software for fun and profit
Intel's flash new SSDs hit by bugs