Forum latest

The hard "Word!"
General
Written by Daniel   
Monday, 21 August 2006 10:04
Dark Reading
Windows Flaw, Word Trojan Found


JUNE 30, 2006 | Microsoft is investigating a new flaw in the Windows operating system, while researchers have discovered a new Trojan that poses as a legitimate Word document.

Microsoft acknowledged the possible Windows vulnerability in its Security Response Center Blog last night, but didn't provide details about the hole, which it says it learned about via proof-of-concept code posted on the Web. An attacker could exploit the Windows hole using Internet Explorer; the user would activate the malware by clicking on an infected link.

The hole hasn't been exploited yet, Microsoft says. "We are not aware of any attacks attempting to use the reported vulnerabilities or of customer impact at this time," says a Microsoft spokesperson. But the spokesperson says the flaw may require a security advisory or a security update in one of its Patch Tuesday releases.

Separately, Sophos reported the discovery of a new Word Trojan, called Kukudro-A. The Trojan isn't exploiting any holes in Word, explains Gregg Mastoras, security analyst for Sophos. The exploit is a combination of a spam email posing as an Apple, HP, and Sony laptop sales pitch, and a malware executable. When you open the infected files, called prices.zip, apple_prices.zip, or sony_prices.zip, they launch my_Notebook.doc, the infected Word file with the "pricing" information. Once a user opens the file, the Trojan silently slips into his computer, and the user is none the wiser, Mastoras says.....

Discussion

 

See also

None found.


Hardware | Windows | Linux | Security | Mobile Devices | Gaming
Tech Business | Editorial | General News | folding@home

Forum | Download Files

Copyright ©2001 - 2012, AOA Forums.  All rights reserved.

Alliance of Overclocking Arts

Links monetized by VigLink

Don't Click Here Don't Click Here Either