1Table.A appears to be a perfectly normal Word document. It cannot send itself automatically, and therefore needs the intervention of a malicious user in order to be distributed. This still however gives it plenty of scope, as it can be sent as attachments to e-mail messages or downloaded from web pages or P2P file-sharing networks, among many other systems.
If a user runs 1Table.A, it exploits this security problem to release a backdoor Trojan called Gusi. This creates a backdoor on the computer that allows a remote attacker to take a series of actions. TruPreventTM proactive detection technologies have detected Gusi without prior identification, so computers that have them installed have been protected from the outset.
According to Luis Corrons, director of PandaLabs: “this is a very serious security problem, as it allows malicious Word documents to be created which could take a host of actions on computers. Cyber-crooks have seen the enormous potential of this vulnerability, and it has only taken a few hours until we have seen the first malicious code that exploits it, and no doubt there will be more shortly.”
It is important to remember that any MS Office, such as Excel spreadsheets or PowerPoint presentations, could have malicious Word documents embedded, thereby making them potentially dangerous attack vectors.
Given that no patch has yet been released by Microsoft for this vulnerability, users are advised to act with caution on opening Word or MS Office documents, and ensure they have a fully up-to-date antivirus installed on their computers.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.