Computer Help Community

Community

Cyber Tech Help Community

New Tutorials

More Tutorials
PC Tutorials

New Downloads

More Downloads
PC Downloads

Member Testimonials

Open Member Quote   I for one would like to say a word of appreciation and thanks to the moderators who help so many people on this forum. I would also like to remind all you people who post your urgent problems on any of the forums that it only takes a minute to say "thank you" to the person who helps you resolve your problem. I know how very frustrating it is to follow a problem until it is (presumably) resolved and then have the person who posed the problem disappear without any acknowledgement of having been helped. Think how you would feel is you had invested your time and your expertise in helping someone and they didn't even say "thank you." - jayt  Close Member Quote
Member Testimonials
MY CYBER TECH HELP

LATEST TOPICS

Tech Help Community

Free Antivirus Scan

Free Virus Scan and a listing of the top 10 viruses in the wild - Free Antivirus Scan
Free Online Antivirus Scan

File Extension Database

Find what program a filetype belongs to in our searchable File Extension Database.
File Extension Database

Services

See what services Cyber Tech Help can offer your business or website: CTH Services
CTH Services

Related MS Links

Related Links
Cyber Tech Help Community

To the top of the page to top

 



Critical Word Vulnerability Uncovered

Latest News Latest News | News ArchiveNews Archive | Cyber Tech Help News RSS Feed!

Critical Word Vulnerability UncoveredCritical Word Vulnerability Uncovered

Posted by: Tweaker
Date added: 03:04, 20th May 2006 GMT
Source: Beta News

Microsoft

Security researchers have discovered a zero-day vulnerability in Microsoft Word, which is already being actively exploited by hackers in China and Taiwan. Microsoft's Security Response Center says it is working with antivirus vendors to prevent attacks and plans to release a security patch on June 13.

The exploit is spread as a Word document attached to an e-mail. Users who open the attachment with Word XP and Word 2003 are then infected with a trojan that contains rootkit-like features in order to hide itself from antivirus scanners.

The trojan communicates back to a server, but it's not yet clear what data is transferred. "When the exploit is launched, early on in the process, it drops a bot, possibly Rbot or some variant," said SANS Internet Storm Center researcher Chris Carboni in a diary entry.

"Once the bot is in place, it begins an extensive recon of the system; installed patches, installed AV, contents of My Documents, startup file contents, IE config, etc."

No antivirus application currently detects the exploit, according to SANS. Microsoft is hoping to remedy this problem and says it is working closely with security vendors. The Redmond company plans to update its own Windows Live Safety Center with definitions that detect the new attack.

"The Office team is hard at work on an update that addresses the vulnerability. It's in testing right now to make sure it's of the right quality for release," said Microsoft security researcher Stephen Toulouse. "Right now we're on schedule to be released as part of the June security updates on June 13, 2006, or sooner as warranted."

Tools:  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

 

Post a commentPost a comment

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!  Register to become a member!  Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

 

[ To the top of the page To top | Latest News Latest News | News Archive News Archive | Cyber Tech Help News RSS Feed! ]