Microsoft PowerPoint Zero-Day Attack

SecurityProNews
Staff Writer
2006-07-14

Hackers are taking advantage of a flaw in Microsoft PowerPoint in a Zero-Day attack that is being linked to a known Trojan Horse.

Symantec has linked it to Trojan.PPDropper, which comes from a Gmail address according to PC Mag.

The message reportedly comes with a subject line written in Chinese. The file name is also Chinese. Ryan Naraine of PC Mag explains the attack:

The PowerPoint attachment is opened, the Trojan drops and executes a variant of Backdoor.Bifrose.E, a keystroke logger that is used to steal sensitive information and send it back to a remote server controlled by malicious hackers.

The Trojan also injects a malicious routine into the EXPLORER.EXE process that overwrites the malicious PowerPoint file with a new clean copy of the document.

Microsoft released its monthly patches only three days ago. Similar attacks have been made related to Microsoft Word and Excel in recent memory.

Tags: Microsoft, PowerPoint

Add to Del.icio.us | DiggThis | Yahoo! My Web | Furl

About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.

More news_security_news Articles

Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Featured On:

article resources

WebProWorld.com

•	Get in-touch with industry experts and leaders
•	Post your site for review by expert and peers
•	Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com


Titan Quest Forum The #1 Titan Quest forum
Halo 3 Forum The best Halo, Halo 2, Halo 3 forum
Nintendo Wii Nintendo Wii news and views
Mac Software The best in OS X freeware
Graphics Forum Your source for graphic tutorials