Jul17
1:21 am (UTC-7)   |   by Ivan Macalintal (Advanced Threats Researcher)

Following up on the reported targeted malware attacks yesterday regarding a Powerpoint Trojan-Dropper exploiting a 0day vulnerability in MS Powerpoint, now comes three proof-of-concept codes targeting the same application.

Incidentally, these 3 new POCs have been released by the author (going by the handle of “naveed”) who was also known to have been responsible for at least one of the POCs for the XLS 0days last June and which have been recently patched by MS06-037.

The three released codes supposedly disclosed vulnerabilities such as:

1) A bug in the mso.dll (a shared MS Office library) file
2) Memory corruption
3) And one regarding an unspecified vulnerability.

All have been tested against Powerpoint 2003, but then again, the codes may also affect other versions and other MS Office applications as well.

Trend is now analyzing the proof-of-concept codes and we will soon post updates so do stay tuned!

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Monday, July 17th, 2006 at 1:21 am and is filed under Uncategorized . Responses are closed, but you can trackback from your own site.



Comments are closed.


Malware Search Through Google
New PPT 0-day


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice