Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Mdropper.j - Zero Day Excel Based Exploit


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:09:34 AM

Posted 16 June 2006 - 11:15 AM

Like the Word 0 Day attack, so far this new threat is low risk and not prevelant in the wild. Still, until AV vendors have this covered all users should be very careful and not launch any EXCEL spreadsheets they may find in unexpected email messages.

Mdropper.J - Zero Day Excel based Exploit
http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx
http://secunia.com/advisories/20686/
http://www.frsirt.com/english/advisories/2006/2361


Mdropper.J - Links related to New Trojan Horse
http://www.frsirt.com/english/virus/2006/04533
http://www.symantec.com/avcenter/venc/data...mdropper.j.html


Here's what we know: In order for this attack to be carried out, a user must first open a malicious Excel document that is sent as an email attachment or otherwise provided to them by an attacker. (note that opening it out of email will prompt you to be careful about opening the attachment) So remember to be very careful opening unsolicited attachments from both known and unknown sources.

Technical Description: A vulnerability has been identified in Microsoft Excel, which could be exploited by attackers to take complete control of an affected system. This flaw is due to an unspecified error when processing a specially crafted document, which could be exploited by attackers to execute arbitrary commands by convincing a user to open a malicious file.

Zero Day Excel based Exploit: This 0day vulnerability is currently being exploited in the wild by Trojan.Mdropper.J

Affected Products: Microsoft Excel 2000-2003, Office 2000-2003



BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users