12 December 2006
More Office Vulnerabilities
This has been a dangerous week for MS Office users. Two exploits have been discovered.
The latest exploit is the result of an error when processing word files. Thankfully it is not being exploited very actively and requires a person to open the file to actually be affected by it, which mostly prevents anyone who practices safe computing habits from being affected by the exploit. The word file used in the exploits contains the PWS-Agent.g Trojan which collects passwords from IE, Firefox and email clients.
Unfortunately currently Microsoft has released very little information aside from a confirmation of the exploit and has no patch or workaround.
The latest exploit is the result of an error when processing word files. Thankfully it is not being exploited very actively and requires a person to open the file to actually be affected by it, which mostly prevents anyone who practices safe computing habits from being affected by the exploit. The word file used in the exploits contains the PWS-Agent.g Trojan which collects passwords from IE, Firefox and email clients.
Unfortunately currently Microsoft has released very little information aside from a confirmation of the exploit and has no patch or workaround.
Labels: microsoft, office, vulnerability
