New trojan for zero day exploit in MS Office 2000
The security specialists at Symantec have discovered a trojan that attacks a previously unknown security hole in Microsoft Office. If the infected document is opened in Word from Office Suite 2000, it creates and launches a new file. Symantec has designated the malware as Mdropper.Q. It in turn installs the backdoor trojan Backdoor.Femo.
Using the backdoor trojan, attackers can access the Windows command line to launch executable files, delete files and directories, as well as download files from the Web. In Symantec's estimation Mdropper.Q has only managed to spread itself sporadically up until now. Users should nevertheless exercise caution and not open Office documents from unknown sources; documents attached to emails, even from colleagues, should also be viewed with suspicion if they are not expected. Attackers have in the past forged the sender addresses on emails in order to plant malware on corporate computers.