Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Trojans Fire Zero-day Attack At Microsoft Word

A new unpatched bug in Microsoft Word 2000 is actively being exploited by attackers, several security organizations said Tuesday.

Symantec's researchers said that they'd analyzed a sample of the in-the-wild attack and confirmed that it worked against a fully-patched edition of Office 2000 -- Word 2000 is one of the applications bundled with that version of the Office suite -- running on a fully-patched Windows 2000 machine.

"Although we have not been able to exploit other versions of Office with this specific sample, others may be affected by the vulnerability," Symantec said in an alert issued to customers of its DeepSight threat system. The Cupertino, Calif.-based security vendor characterized the exploit as "reliable" and added that it was "mostly transparent to an end-user."

If a Word 2000 user opens the malicious document attached to the attacker's e-mail message, a Trojan horse drops another file onto the computer; that file (actually another Trojan) drops yet another file, this time a backdoor component which leaves the machine open to additional attack or misuse.

The attack doesn't self-replicate, nor is a multiple-vector exploit that like some other recent rivals, leverages any of several vulnerabilities.

  • 1