TrendLabs has just discovered a new MDROPPER variant circulating in the wild and taking advantage of a newly discovered vulnerability in Microsoft Word 2000.
Detected as TROJ_MDROPPER.EQ, this Trojan is a specially crafted .DOC file that may arrive on systems as an attachment to spammed email messages, or dropped/downloaded by other malware. When executed, it then exploits the mentioned flaw in order to drop and execute an embedded — and possibly malicious — file.
Microsoft has already released a Security Advisory regarding the said vulnerability and the “limited ‘zero-day’ attacks” exploiting it. Since a security patch is yet to be released, users are advised not to open .DOC files from untrusted or unexpected sources.