Forum Index
Home Forum Radio Memberlist Help Search Quick Links

It appears you have not yet registered with our community which limits what you can do & see. It's Free To register, please click here.



Forum Index » Internet » Security Alerts and vulnerabilities » Latest Office Zero-Day Vulnerability
Register Calendar Gallery Mark Forums Read

Security Alerts and vulnerabilities Lets keep abreast on the latest threats by posting those findings here..

Reply
 
Thread Tools Display Modes
  #1  
Old 02-08-2007, 12:24 AM
Symantec's Avatar
Symantec Symantec is offline
Senior Member
  
Join Date: Oct 2006
Posts: 295
Latest Office Zero-Day Vulnerability
Latest Office Zero-Day Vulnerability
<p>Last week, Microsoft published <a href="http://www.microsoft.com/technet/security/advisory/932553.mspx">Security Advisory 932553</a> to warn Windows users of a new vulnerability in Microsoft Office. Security Response has ****ysed a sample of a malicious Microsoft Excel file that appears to be exploiting the vulnerability that is hinted at in that Advisory. Fully patched versions of Office 2000, XP, and 2003 appear to be vulnerable to this exploit.</p>

<p>Upon opening the malicious Microsoft Excel document, which Symantec now detects as <a href="http://www.symantec.com/security_response/writeup.jsp?docid=2007-020717-0252-99">Trojan.Mdropper.Y</a>, it drops a Trojan horse program by using the exploit referenced by CVE-2007-0671 (<a href="http://www.symantec.com/security_response/writeup.jsp?docid=2007-020717-0252-99">BID 22383</a>). It proceeds to drop a back door Trojan onto the compromised computer. It then attempts to contact a remote server and may enable an attacker to gain remote access to your computer. Both Trojans are detected as <a href="http://www.symantec.com/security_response/writeup.jsp?docid=2006-111409-1926-99">Backdoor.Bias</a>.</p>

<p>It appears to be exploiting a bug on MSO.DLL, a shared library used by Office applications, so as Microsoft indicated in the advisory, it could affect other Office applications. However, to date, we have only seen it execute on Excel.</p>

<p>As this vulnerability has not been patched yet, you should be extra careful and refrain from opening Office files received from untrusted sources. In general, to protect yourself against threats, you should exert extreme care when you receive any files unless they are expected and come from a known and trusted source. Keep your antivirus up-to-date and follow <a href="http://www.staysafeonline.org/practices/index.html">safe computing practices.</a> <br />
</p>
http://www.symantec.com/enterprise/security_response/weblog/2007/02/latest_office_zeroday_vulnerab.html
http://www.symantec.com/enterprise/security_response/weblog/2007/02/latest_office_zeroday_vulnerab.html
Wed, 07 Feb 2007 11:00:00 -0800
Reply With Quote
Posted


Reply

  • Submit Thread to Digg Digg
  • Submit Thread to del.icio.us del.icio.us
  • Submit Thread to StumbleUpon StumbleUpon
  • Submit Thread to Google Google
    • Bookmarks

    « Previous Thread | Next Thread »
    Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
     
    Thread Tools
    Display Modes
    Linear Mode Linear Mode

    Posting Rules
    You may not post new threads
    You may not post replies
    You may not post attachments
    You may not edit your posts
    BB code is On
    Smilies are On
    [IMG] code is On
    HTML code is Off
    Forum Jump



    All times are GMT -5. The time now is 08:42 AM.

    Contact Us - CyberAnswers - Archive - Privacy Statement - Top

    Firefox 2