Computerworld
Home News Blogs In Depth ReviewsWhite Papers Newsletters IT Careers

resource center


Ads by TechWords

See your link here

Newsletter Sign-Up

Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Word vulnerability used in attacks, Symantec says

Microsoft confirmed a critical flaw in Microsoft Word 2000

By Robert McMillan
September 5, 2006 12:00 PM ET
Recommended
(2)
Digg
Share/Email

IDG News Service - Hackers continue to poke holes in Microsoft Corp.'s Office software.

Symantec Corp. has warned that an unpatched flaw in the Windows 2000 version of Microsoft Office 2000 is being used by attackers to run unauthorized software on victims' computers.

Microsoft today confirmed that the bug exists but would not say when it plans to fix the problem.

The critical vulnerability was first reported by Symantec to users of its DeepSight threat notification service. Attackers are exploiting the flaw by sending malicious Word documents to victims, Symantec said. When these documents are opened, Word is tricked into installing malicious software on the PC.

Symantec is calling this malware Trojan.MDropper.

Trojan.MDropper installs malicious software on the computer, which in turn installs another Trojan horse program, "which turns out to be new variant of Backdoor.Femo," Symantec said in a Web posting. Symantec testers have not been able to exploit the problem on more up-to-date versions of Office or Windows.

Microsoft is investigating the issue and may release a patch once its investigation is completed, according to its public relations agency.

Microsoft has spent a lot of time investigating and patching Office applications this year. Over the past few months there have been several reports concerning very targeted attacks, similar to this latest Office issue.

Microsoft's last few security updates have been filled with patches for Office flaws, many of which had already been used in attacks.

Recommend Digg Twitter ShareThis
Email Print Send Feedback Reprints

Reprinted with permission from

IDG.net
Story copyright 2009 International Data Group. All rights reserved.

Jump to comments

Microsoft

Additional Resources

EFD vs. HDD - What You Need to Know
WHITE PAPER
EFD vs. HDD - What You Need to Know
Enterprise flash drives provide a new Tier 0 storage layer capable of delivering high I/O performance at a very low latency. Proper use of EFDs in an Oracle environment can deliver increased performance compared to fibre channel drives. Read the recommendations for identification of the best DB components for EFDs.
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
WHITE PAPER
Gartner Research Report: Magic Quadrant for Application Delivery Controllers, 2009
The market for products to improve the delivery of application software over networks remains dynamic and innovative. Vendors focused on solving enterprises' most-pressing application problems have become the top players.
Eight Criteria for Server Load Balancing
WHITE PAPER
Eight Criteria for Server Load Balancing
Server load balancers are a simple yet highly effective means to scale an application environment while ensuring its availability. Today's solutions should also address application performance and security. Read about the top eight criteria you should consider when choosing a server load balancer and how Citrix NetScaler meets those requirements.

White Papers & Webcasts

Network Security Overwatch Layer: Smarter Protection For the Enterprise
Download this whitepaper now!  

Best Practices for Log Monitoring
Watch Now!

Endpoint Security: When Encryption Isn't Enough
Over 60% of data breaches are caused by careless employees or insider theft.  

Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!

3 Tips for Faster File System Auditing
Download this White Paper Now!  

Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!

Network-Optimized, Secure Replication for Enterprise-Class Disaster Recovery
Download this resource now!  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Interactive Brochure: iPhone in the Enterprise
Download This Resource Today!  

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

All White Papers | All Webcasts

Computerworld Reports

8 Questions To Ask About Your Intrusion-Security Solution

Computerworld Briefing: Staffing for Intelligence

Computerworld Technology Briefing: More than Business Value

All Computerworld Reports

 
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.