New Word attacks pose as news about Tibet
It's the usual drill, say security vendors, so be careful out there
Computerworld - New attacks using rigged Microsoft Word documents have been launched, a security company said today as it warned users to be leery of mail touting news about Tibet.
Phony e-mails purporting to contain news about Tibet and its government in exile are making the rounds, according to Trend Micro Inc., which explained that the messages carry attachments that are malformed Word documents designed to exploit a vulnerability in parsing the popular word processing system's file format.
When opened, the malicious documents deposit a Trojan horse on the victim's Windows PC, said Trend Micro in a post to its security blog.
Trend Micro said the names on the fake Word documents include the following:
- CHINA';S [sic] OLYMPIC TORCH OUT OF TIBET 1.doc
- 2007-07 DRAFT Tibetan MP London schedule.doc
- DIRECTORY OF TIBET SUPPORT GROUPS IN INDIA.doc
- Disapppeared [sic] in Tibet.doc
Another security firm, Symantec Corp., confirmed the new attacks but said that it has received only "a small number" of submissions from customers regarding the exploit.
"This social engineering technique has been seen before," said Trend Micro researcher Jake Soriano on the TrendLabs Malware blog. "In October, a Trojan rode on the newsworthiness of the monk-led protests in Myanmar ... arriving as an attachment to spam [that] purported to be a message of support from the Dalai Lama to the monks."
Symantec repeated the long-standing advice that users consider banning Office documents that originate from unknown senders and exercise caution in dealing with unsolicited e-mails, particularly those with attachments.
Microsoft Corp. has patched Word several times in the past two years -- most recently in May 2007, when it holes in the way the application handles documents. The company has also been promoting its newest suites, Office 2007 for Windows and Office 2008 for Mac, as being more secure on the file format front than their predecessors, and it has locked down Office 2003 by limiting the number of formats users can open.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts