Jan29
1:25 am (UTC-7)   |   by Paul Oliveria (Technical Communications)

TrendLabs has just discovered a new MDROPPER variant circulating in the wild and taking advantage of a newly discovered vulnerability in Microsoft Word 2000.


Detected as TROJ_MDROPPER.EQ, this Trojan is a specially crafted .DOC file that may arrive on systems as an attachment to spammed email messages, or dropped/downloaded by other malware. When executed, it then exploits the mentioned flaw in order to drop and execute an embedded — and possibly malicious — file.


Microsoft has already released a Security Advisory regarding the said vulnerability and the “limited ‘zero-day’ attacks” exploiting it. Since a security patch is yet to be released, users are advised not to open .DOC files from untrusted or unexpected sources.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Monday, January 29th, 2007 at 1:25 am and is filed under Uncategorized . Responses are closed, but you can trackback from your own site.



2 Responses to “New MS Word zero-day exploit discovered”

Trackbacks

  1. New MS Word Zero-day Exploit in the Wild « blog @ AWBHoldings.com
  2. New MS Word Zero-day Exploit in the Wild | The BLIPS Network

Trojans Loose on Navigation Devices
Just another obfuscated script… and browser exploits galore!


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice