Patched Microsoft Word exploit hits the wild

By

Virus writers are actively exploiting a memory corruption vulnerability in Microsoft Word that was patched on Tuesday, researchers said today.

Patched Microsoft Word exploit hits the wild
The flaw, which, according to Microsoft, was being exploited in targeted attacks prior to Tuesday's fix, is rated "extremely critical" by vulnerability tracking firm Secunia. It affects Microsoft Office 2000, Office XP and Office 2004 for Mac.

Users' machines can be compromised if they open a specially crafted Office file that contains the memory corruption error, according to the Secunia advisory. The exploit drops a trojan, dubbed Mdropper.Z by Symantec.

Alfred Huger, vice president of engineering in Symantec Security Response, told SCMagazineUS.com that this scenario is nothing new. Once attackers realize their discovery has been patched, they either start spreading the attack in a widespread manner or sell the exploit code to interested buyers.

Word is an attractive target, he said.

"It has a tremendously large user base," Huger said. "We normally see any user application that has a large footprint like is going to be targeted first (after Patch Tuesday)."

Symantec researchers have only received one in-the-wild attack submission from a customer, but they believe the exploit is being heavily distributed.

Users should be wary of opening files from untrusted sources, in addition to attachments from trusted sources that they were not expecting to receive.

A Microsoft spokesperson could not immediately be reached for comment.

See original article on SC Magazine US
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
exploithitsmicrosoftpatchedsecuritythewildword

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?