Trojan uses unpatched hole in office software.
At least one trojan has been seen in the wild exploiting a newly discovered vulnerability in
Microsoft
‘s
Word 2000
software. The trojan is embedded in a malformed
Word
document, and executed when the document is opened.
The trojan has been variously labelled
‘MDropper.Q’
(
Symantec
) and
‘Mofei’
McAfee
, among others. It is believed only to affect users of
Word 2000
, rather than other versions of the office suite, and
Microsoft
has yet to respond to the issue.
See the
Secunia
advisory
here
and the
SANS
report
here
. A
SecuriTeam
FAQ can be found
here
.
Posted on 6 September 2006 by
Virus Bulletin
Leave a Reply