1Table.A - trojan that uses a Microsoft Word vulnerability
Posted on 23.05.2006
PandaLabs has detected the appearance of 1Table.A, a malicious code that exploits a recently detected critical vulnerability in Microsoft Word, and which also affects versions of MS Office 2003 and XP. This security problem allows the execution of code on affected systems and, more dangerously, allows the construction of malicious code which is indistinguishable at first glance from a normal Word file.

1Table.A appears to be a perfectly normal Word document. It cannot send itself automatically, and therefore needs the intervention of a malicious user in order to be distributed. This still however gives it plenty of scope, as it can be sent as attachments to e-mail messages or downloaded from web pages or P2P file-sharing networks, among many other systems.

If a user runs 1Table.A, it exploits this security problem to release a backdoor Trojan called Gusi. This creates a backdoor on the computer that allows a remote attacker to take a series of actions. TruPreventTM proactive detection technologies have detected Gusi without prior identification, so computers that have them installed have been protected from the outset.

According to Luis Corrons, director of PandaLabs: “this is a very serious security problem, as it allows malicious Word documents to be created which could take a host of actions on computers. Cyber-crooks have seen the enormous potential of this vulnerability, and it has only taken a few hours until we have seen the first malicious code that exploits it, and no doubt there will be more shortly.”

It is important to remember that any MS Office, such as Excel spreadsheets or PowerPoint presentations, could have malicious Word documents embedded, thereby making them potentially dangerous attack vectors.

Given that no patch has yet been released by Microsoft for this vulnerability, users are advised to act with caution on opening Word or MS Office documents, and ensure they have a fully up-to-date antivirus installed on their computers.





Spotlight

The role of the cloud in the modern security architecture

Posted on 31 July 2014.  |  Stephen Pao, General Manager, Security Business at Barracuda Networks, offers advice to CISOs concerned about moving the secure storage of their documents into the cloud and discusses how the cloud shaping the modern security architecture.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Aug 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //