Don’t open that Word file; it may be carrying a trojan

A new vulnerability has been identified in Microsoft Word. Security Analysts at MicroWorld Technologies inform that exploits for the vulnerability are out already, which can successfully thrust Trojan Downloaders into user computers.
 
Microsoft Corporation said they are investigating the vulnerability that exists in Microsoft Word 2000, 2002 and 2003, Word Viewer 2003, Word 2004 for Mac, and Word v. X for Mac, as well as Microsoft Works 2004, 2005, and 2006.
 
According to MicroWorld Experts, a specially crafted Word file carrying a Trojan Dropper named “MSWord.Agent’ can push Trojan downloaders into victim’s computers. The Trojans deposited this way can log on to predefined websites and bring in dangerous malwares like Backdoors and Rootkits into a victim’s computer.
 
“One stream of malware writers are quiet enthusiastic about exploring application software vulnerabilities as they think that’s a lot more easier and rewarding than getting into the OS level intricacies,” commented Sulabh Mahant, a Security Expert at MicroWorld Technologies. “And incidentally, that’s a fast growing tribe which is quiet apparent in the present tide of exploits targeting various vulnerabilities in a range of applications, including some of the AntiVirus products.”
 
In the last one year, MicroWorld Technologies have detected many vulnerability exploits aimed at MS Word files. While “Win32.Mdropper’ and “MSWord.1Table.bd’ were Trojan Droppers that transported Backdoors into targeted computers, a recent Macro Virus detected in the month of November was primarily acting as a vehicle for Password Stealing Trojans.
 
To combat masqueraded threats like these, one’s best bet would be to rely on an Intelligent and fast updating Antivirus software, that can catch Viruses and Worms at the Socket Level, which is the entry point for an external file to come into a computer. eScan from MicroWorld Technologies scans incoming data  for Viruses right there at the Winsock layer with the help of its MWL technology, to provide the most advanced protection for Information Systems.




Share this