05 September 2006
Word 2000 Vulnerability
A very critical security advisory has been released today regarding a vulnerability in MS Word 2000 that is actively being exploited. The vulnerability has been reported in Windows 2000, 98, 95, ME, NT and XP systems running Word 2000, but there is a possibility that it is present in other systems as well.
The only solution currently is to not open any Word documents that you don't trust.
The Trojan.MDropper.Q, actually located in the document file, uses the vulnerability to install a form of the Backdoor.Femo backdoor onto the system. These are names used by Symantec while McAfee has discovered it as well and is calling it W32/Mofei.worm.
More information can be found from McAffee and Symantec on this issue.
The only solution currently is to not open any Word documents that you don't trust.
The Trojan.MDropper.Q, actually located in the document file, uses the vulnerability to install a form of the Backdoor.Femo backdoor onto the system. These are names used by Symantec while McAfee has discovered it as well and is calling it W32/Mofei.worm.
More information can be found from McAffee and Symantec on this issue.
Labels: microsoft, office, trojan, vulnerability
