Trend Micro notes increase in regionally targeted attacks as trojan becomes latest to exploit a Ichitaro flaw.
A trojan has been found to be exploiting a buffer overflow vulnerability in popular Japanese word processing package
Ichitaro
. According to analysts at
Trend Micro
a backdoor trojan is installed when a malicious .JTD file is opened in
Ichitaro 2006
running on the Japanese version of
Windows XP SP2
.
Trend
detects the malicious .JTD file as TROJ_TARODROP.AB, and the backdoor it installs as BKDR_AGENT.AIAJ.
Trend
researchers note that the number of targeted attacks on Japanese applications has increased over the past 12 months – and that this is the second Ichitaro exploit in the space of six months.
The vulnerability is reported by
Symantec
in an advisory
here
. More from
Trend
analysts can be found in their blog
here
. For users of
Ichitaro
a security update patching the vulnerability can be downloaded
here
.
Posted on 18 December 2007 by
Virus Bulletin
Leave a Reply