Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
    Digg this story   Add to del.icio.us  
New MS Word 0-day found
Published: 2006-09-05

A new zero-day vulnerability that affects Microsoft Word 2000 has been discovered, along with a Trojan dropper that installs a backdoor on a user's computer.

Trojan.MDropper.Q was discovered by anti-virus giant Symantec, and takes advantage of a newly discovered vulnerability in Word 2000 to drop a variant of the Backdoor.Femo backdoor (note: SecurityFocus is owned by Symantec Corporation). Anti-virus firm McAfee also discovered the threat and is calling it a worm known as W32/Mofei.worm.

Similar to other recent Microsoft Office vulnerabilities, dangerous documents containing the dropper must be opened by a user of the application in order to cause harm.

Microsoft Office products have seen numerous vulnerabilities exploited in recent months, with over 25 flaws found in 2006 alone.

Posted by: Kelly Martin
    Digg this story   Add to del.icio.us  
 
Comments Mode:
New MS Word 0-day found 2006-09-05
Juha-Matti Laurio
New MS Word 0-day found 2006-09-06
Anonymous (1 replies)
Re: New MS Word 0-day found 2006-09-06
Juha-Matti Laurio







 

Privacy Statement
Copyright 2008, SecurityFocus