[ insider_reports_insider ]
Word Exploiter: Hi, I'm A Mac
David Utter
Staff Writer
2007-10-12
 Insider Reports RSS Feed
An attack targeted at a newly-patched flaw in Microsoft Word came from a document created on an Apple Macintosh.
 | | Word Exploiter: Hi, I'm A Mac |  |
Researchers at Symantec experienced something that many users of Microsoft Word have faced: open a document, and Word crashes.
For once Microsoft did not have to shoulder the blame for this little problem. The document arrived as a sample of an attack against a just-patched flaw in Word. Someone who did not have the patch in place could be exploited, as demonstrated.
"After some investigation we determined that the document had actually been created using Word for Macintosh," Symantec noted on their Security Response blog. A peek at the document header revealed someone had created it on a Mac, instead of a PC.
If successful, this attack would drop a trio of malicious files onto a machine. A couple of Trojans and a rootkit arriving via the Word attack vector could turn a PC into another rooted bot on the Internet.
Symantec said the default configurations of Office 2007 and Office 2003 SP3 would not permit this older file format to be opened, but other versions of Office may allow it. As always, be careful when opening files from trusted senders, and discard unexpected ones or documents from unknown senders to mitigate this type of attack.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
