TELECOM Digest OnLine - Sorted: Symantec Warns of New Zero-Day Word Attack

Symantec Warns of New Zero-Day Word Attack

Jeremy Kirk, IDG (idg@telecom-digest.org)
Fri, 26 Jan 2007 19:23:34 -0600

Review Index Sorted By: [ date ][ thread ][ subject ][ author ]
Next message: Mr Joseph Singer: "Florida Retiree Wins Cell Phone Bill Fight"
Previous message: Matthew Fordahl, AP: "Windows Finally Gets a Facelift"
TELECOM Digest: Home Page

by Jeremy Kirk, IDG News Service

Hackers are exploiting a new, unpatched vulnerability in Microsoft
Word that could allow them to take control of a victim's computer,
Symantec has warned.

qThe zero-day vulnerability is the fourth in Microsoft's widely-used Word
2000 software that has not yet been patched, the security company said
in its Security Response Warning.

A zero-day vulnerability refers to a security hole for which exploits
are already available when it was discovered. This latest one affects
most versions of Windows running Word, Symantec's advisory said.

"Extremely Critical"

Danish security vender Secunia ApS also reported the vulnerability,
and rated it as "extremely critical," its highest-level
warning. Microsoft, however, said the attacks are "very limited."

The attack comes via an infected Word document, a method increasingly
used by hackers for targeted attacks. If the document is opened, it
installs a Trojan horse program, called Trojan.Mdropper.W, onto the
computer, Lau wrote. The Trojan also puts other files on a computer
that enable a hacker to control it.

Microsoft released three sets of critical patches on Jan. 9, including
ones for Outlook, PowerPoint and Windows, but not for Word.

Word Widely Used

Users can avoid trouble by not opening unexpected Word documents
attached to e-mail. Hackers often spam out thousands of messages with
harmful attachments, such as Trojan horse programs, hoping
unsuspecting victims will open them.

Trojans often look harmless and can quietly install themselves on a
computer with no visible signs. The use of Word to mount an attack can
be particularly effective since the file format is so widely used.

Copyright 2007 PC World Communications, Inc.

NOTE: For more telecom/internet/networking/computer news from the
daily media, check out our feature 'Telecom Digest Extra' each day at
http://telecom-digest.org/td-extra/more-news.html . Hundreds of new
articles daily. And, discuss this and other topics in our forum at
http://telecom-digest.org/forum (or)
http://telecom-digest.org/chat/index.html

For more news and headlines, please go to:
http://telecom-digest.org/td-extra/news-today.html (and)
http://telecom-digest.org/td-extra/technews.html

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: Mr Joseph Singer: "Florida Retiree Wins Cell Phone Bill Fight"
Go to Previous message: Matthew Fordahl, AP: "Windows Finally Gets a Facelift"

TELECOM Digest: Home Page

Post Followup Article	Use your browser's quoting feature to quote article into reply
Go to Next message: Mr Joseph Singer: "Florida Retiree Wins Cell Phone Bill Fight"
Go to Previous message: Matthew Fordahl, AP: "Windows Finally Gets a Facelift"
TELECOM Digest: Home Page