A Zero day exploit has been discovered and was attemped to be used by a would be intruder to compromise PCs at a Japanese government entity by exploiting the flaw, Vincent Weafer, the senior director at Symantec Security Response according to this ZDNet news article.

Microsoft is readying a security update for Word that repairs this vulnerability, a company representative said in an e-mailed statement. The fix is scheduled to be released as part of the June 13 security updates, or sooner, if warranted, the representative said.

The malicious file arrives in email (or could likely be downloaded from a website I would think). Opening the Word file triggers things and while something else might appear to be happening (text or whatever displayed in the document), behind the scenes a backdoor (trojan of some kind I would imagine) is installed on the sytem. The backdoor pings an IP in Asia presumably to say I’m here and apparently waits for commands.

According to the article, “The vulnerability was confirmed in Word 2003, Symantec said. The malicious file caused Word 2000 to crash, but did not run the malicious payload, it added.”

Symantec said that this was based on one attack. However, “with the disclosure of this previously unknown vulnerability, new attackers may begin to exploit it in a widespread manner.”

Symantec (and I would imagine all AV/Spam Filtering software companies) will be working hard on this one before it becomes a wide spread problem.

Tag Cloud

%d bloggers like this: