On TechRepublic: 10 cool tools in Windows 7
BNET Business Network:
BNET
TechRepublic
ZDNet
164 TalkBacks

By Joris Evers
Posted on ZDNet News: May 19, 2006 6:32:00 PM

A new, yet-to-be-fixed security hole in Microsoft Word exposes computer users to cyberattack, Symantec warned Friday.

Would-be intruders already have attempted to compromise PCs at a Japanese government entity by exploiting the flaw, Vincent Weafer, the senior director at Symantec Security Response, said in an interview. In response, Symantec has raised its ThreatCon to Level 2, which means an outbreak is expected.

"What we're seeing is a continuation of the targeted threat using zero-day vulnerabilities," Weafer said. (Zero-day flaws are ones for which no patch exists.) "We got it from a single large customer inside Japan. We have not seen anyone else get it."

Microsoft is readying a security update for Word that repairs this vulnerability, a company representative said in an e-mailed statement. The fix is scheduled to be released as part of the June 13 security updates, or sooner, if warranted, the representative said.

The malicious software arrives as a Microsoft Word file attachment to an e-mail message. When the document is opened by the user, the vulnerability is triggered. In the Japanese case, the Word document actually displayed some text related to a treaty with China, but while the text was displayed, a backdoor was installed on the system, Weafer said. Backdoor software allows intruders to enter computers surreptitiously.

"The backdoor in turn pings an IP address located in Asia. It just pings to say it is available, but then, of course, you have a backdoor on your system," he said.

The vulnerability was confirmed in Word 2003, Symantec said. The malicious file caused Word 2000 to crash, but did not run the malicious payload, it added.

Exploitation of the security hole so far is only known as part of a single, targeted attack, Symantec said. "However, with the disclosure of this previously unknown vulnerability, new attackers may begin to exploit it in a widespread manner," the Cupertino, Calif., security company said in an advisory sent to customers.

The targeted attack can bypass spam filters, and Symantec's antivirus software doesn't yet detect the particular Word file as malicious, Weafer said. "We are looking at the vulnerability itself, in terms of generic blocking," he said, adding that the security software does detect the backdoor and the installer of the backdoor.

Microsoft and Symantec urge caution in the opening of Word documents received as an unexpected e-mail attachment.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 164 Talkback(s)
"only happening in Japan"
Yeah, only the number two economy in the world, no big deal. . .

[/sarcasm] (Read the rest)
Posted by: Samanalysis Posted on: 06/11/07 You are currently: a Guest | | Terms of Use
Patch due June 13 Ohhh that's freaking nice.  LinuxSystems | 05/19/06
Forgot to add...  LinuxSystems | 05/19/06
Great placement!  Spikey_Mike | 05/19/06
You're on a linux system  Boot_Agnostic | 05/19/06
Yes I'm whining yes I run Linux...  LinuxSystems | 05/19/06
Yes I'm whining yes I run Linux...  LinuxSystemsIsAnAssWipe | 05/19/06
Hmmm...  Zeppo9191 | 05/19/06
it's illiterate, Smart Guy.  LinuxSystems | 05/19/06
Oh, and by the way...  davedufour | 05/19/06
Switching to Open Office  Neon Cockroach | 05/20/06
fun?  SC-man | 05/20/06
It was glorious  nomorems | 05/22/06
Yet Another Speedy Patch Response By Microsoft  itanalyst | 05/19/06
Install OpenOffice  OhMyGosh | 05/19/06
Now let's Be Fair  Mr Shaun Warburton | 05/19/06
Word flaw used in attack waits for fix  Loverock Davidson | 05/19/06
And Again, Another Moronic Response  itanalyst | 05/19/06
So by your reasoning  Shelendrea | 05/19/06
Loveschlock Doesn't Care  itanalyst | 05/19/06
Could be  Loverock Davidson | 05/19/06
All it takes is ONE person, Loverock! (nt)  Zeppo9191 | 05/19/06
I'm willing to be dollars to donuts  itanalyst | 05/19/06
BAH!  Shelendrea | 05/19/06
I have a wooden post you can borrow to talk to  itanalyst | 05/19/06
I don't think that  Shelendrea | 05/19/06
Wow, I Hand't Thought About It That Way  itanalyst | 05/19/06
ROTFL  Shelendrea | 05/19/06
Could be counts for MS also  Mr_Dave | 05/21/06
Yet again...  zkiwi | 05/21/06
Yes, Only In Japan  itanalyst | 05/19/06
No outside internet connections to the rest of the world  TokyoPete | 05/20/06
no outside connections etc.  TokyoPete | 05/20/06
reading too much into the post I think.  spdrcrtob | 05/21/06
Jone 13 is nearly a month away  Zeppo9191 | 05/19/06
YOU SAID LINUX YOU SAID LINUX!!!!  itanalyst | 05/19/06
lol! Yeah, that I did. So sorry. (nt)  Zeppo9191 | 05/19/06
Yes it is a month away  Loverock Davidson | 05/19/06
Are you THAT stupid?  itanalyst | 05/19/06
Ah. But not as stupid...  John Zern | 05/19/06
"Getting the patch ready" <> "Releasing it ASAP"  Zeppo9191 | 05/19/06
Got one word for ya...  LinuxSystems | 05/19/06
Loverock, U dont get out of the hospital very often eh?  DangDaCommonCentz | 05/22/06
Question  yyuko@... | 05/20/06
LoveRock Davidson Is An Ass  LoverockDavidsonIsAnAss | 05/20/06
"only happening in Japan"  Samanalysis | 06/11/07
THIS BROUGHT TO YOU BY SAME PEOPLE WHO SAID OSS ISNT RELIABLE!!  itanalyst | 05/19/06
calm down  Shelendrea | 05/19/06
GAAAH! Eeep!!! Ugh!!!  itanalyst | 05/19/06
Cesar G  cesar44 | 05/21/06
This is no big deal  bidemytime | 05/19/06
ROTFLMAO!!! Awesome!!  itanalyst | 05/19/06
Ah. wasn't THAT funny  John Zern | 05/19/06
Come on now  Shelendrea | 05/19/06
Use OpenOffice or StarOffice untill MS wakes up and get a fix out. Simple!  michael_t | 05/19/06
How much code did you look over in OO?  John Zern | 05/19/06
Yet another reason...  JDThompson | 05/19/06
How about we don't  Loverock Davidson | 05/19/06
It doesn't do that anymore.  Hugh Jass | 05/19/06
How about we know what we're talking about  SC-man | 05/19/06
OMG, why doesn't Linux or Mac just save the world already  Boot_Agnostic | 05/19/06
dont underestimate  doh123 | 05/19/06
hey  Boot_Agnostic | 05/19/06
Come on you Shills!!! Defend this latest gaffe!!!  itanalyst | 05/19/06
Why? It's more fun watching you  John Zern | 05/19/06
Microsoft vs Open Source  jmonahan | 05/19/06
FACT: Open Source is NOT responsive to the needs of the masses!  ajole | 05/22/06
ROTFLMAO too!  999ad@... | 05/19/06
Amen....  LinuxSystems | 05/19/06
Dont you get it??? We dont care.  Cayble | 05/19/06
I would rather hack you than someone else  IceTheNet@... | 05/20/06
Good. GO right ahead. Be My Guest  Cayble | 05/20/06
Ah, but I DO care ...  other_native | 05/20/06
Use Linux then  Cayble | 05/20/06
Would if I could ...  other_native | 05/20/06
Different software but you forgot  SouthernPride | 05/20/06
Its easy, Linux usually installs great  Cayble | 05/20/06
Yes, you may be right  other_native | 05/20/06
Here are a few places to look about Linux  ajole | 05/22/06
Open Source : 900 Fixes In Two Weeks  itanalyst | 05/19/06
Are you really bragging about 900 holes in OSS?  Confused by religion | 05/19/06
High Five  Shelendrea | 05/19/06
Sure....  LinuxSystems | 05/19/06
If they had read the article that the OP was referencing,  Hugh Jass | 05/19/06
Maybe the top poster should have included such  Boot_Agnostic | 05/19/06
Damn - where do I get one of those...  Confused by religion | 05/19/06
LOL your not missing at all...  LinuxSystems | 05/19/06
You know, I feel sorry for you that you cannot run a Windows  Confused by religion | 05/19/06
Excellent reply  SouthernPride | 05/19/06
Actually, I Was A Unix Sys Admin For 4 Years  itanalyst | 05/19/06
I don't know why I waste my time...  LinuxSystems | 05/19/06
Milly there is a problem though...  Linux Advocate | 05/20/06
Here is an excert from a long article...  Linux Advocate | 05/20/06
How Do You Know?  IceTheNet@... | 05/20/06
Feeling sorry  SC-man | 05/20/06
Apparently all the IT admins with WinBox problems are *nix folks  ajole | 05/22/06
Of Course  SC-man | 05/19/06
Dreamer  Cayble | 05/19/06
Reality  SC-man | 05/20/06
FYI that covers 35 OS's windows alone has:  IceTheNet@... | 05/20/06
Isn't Symantec supposed to alert MS *before* annoucing the vulnerability?  wolf_z | 05/19/06
They're no longer on speaking terms...  Zeppo9191 | 05/19/06
But George Ou can still complain about OOo.  Letophoro | 05/19/06
Key word - caution  SouthernPride | 05/19/06
Thanks for the info on Word, but....  Cayble | 05/19/06
But we do care...  LinuxSystems | 05/19/06
Your solution is not  Boot_Agnostic | 05/19/06
I have...  LinuxSystems | 05/19/06
Apple does not compare to Linux  SouthernPride | 05/19/06
OS X is  SouthernPride | 05/19/06
Don't plan on switching anytime soon  Boot_Agnostic | 05/20/06
How about you learn how to do your job  Cayble | 05/19/06
Yep...I'll never open any e-mail attachments either.  Grayson Peddie | 05/20/06
Check your IDS logs recently???  Spikey_Mike | 05/23/06
Ok.. Lemme get this straight...  Wolfie2K3 | 05/19/06
Your a good luser then...  LinuxSystems | 05/19/06
Stop crying  Cayble | 05/19/06
Dude, get a Freakin' CLUE!  ajole | 05/22/06
Well...  zkiwi | 05/22/06
I'm not defending anything, but I will now.  ajole | 05/22/06
Amazing... Isn't it?  Wolfie2K3 | 05/22/06
How much money  lengua99 | 05/23/06
So what you're saying is  lengua99 | 05/23/06
Higher ground...  Wolfie2K3 | 05/22/06
No, you forgot the rules  itanalyst | 05/19/06
That's really not fair...  angela_6uk | 05/20/06
Ah.. But they have...  Wolfie2K3 | 05/22/06
Actually...  zkiwi | 05/22/06
You are right, and they can't use table saws either!  ajole | 05/22/06
Good Insight...  Wolfie2K3 | 05/22/06
Sadly, you are correct about users being idiots  ajole | 05/22/06
OpenOffice  penguinpete | 05/19/06
Pretty good bet the answer is a resounding  Linux User 147560 | 05/19/06
Message has been deleted.  SouthernPride | 05/19/06
You do realize of course that you are now  Linux Advocate | 05/20/06
Probably No  itanalyst | 05/19/06
Not unless...  Wolfie2K3 | 05/22/06
Message has been deleted.  SouthernPride | 05/19/06
Again for your edification  Linux Advocate | 05/20/06
Oh please  SouthernPride | 05/20/06
Ah, but I do.  Cardinal_Bill | 05/20/06
Flames are boring.  tler | 06/02/06
If Diogenes were alive today  rjhenn | 05/19/06
Noise . . .  tler | 06/02/06
What a load of meaningess rants  Bob G Beechey | 05/19/06
Ask Linux Luser he is an expert in all  SouthernPride | 05/20/06
And again you initiate an unwarrented attack!  Linux Advocate | 05/20/06
Flames  tler | 06/02/06
The reason was never good enough IMHO  CobraA1 | 05/20/06
afaik  zkiwi | 05/22/06
Try...  Wolfie2K3 | 05/22/06
Oh my  Krazyken39 | 05/20/06
100% bug free . . . . ?  tler | 06/02/06
Found The Fix Install this Update  IceTheNet@... | 05/20/06
I tried your fix  Loverock Davidson | 05/20/06
Grin  IceTheNet@... | 05/20/06
This is the correct link  SouthernPride | 05/20/06
The REAL correct link  Bob G Beechey | 05/20/06
Real  SC-man | 05/20/06
Open Office  greenjavlin | 05/21/06
SUSE is as easy as Windo$e to install . . . almost.  tler | 06/02/06
Merrlyn  other_native | 05/20/06
Well one flawed concept  SouthernPride | 05/21/06
Give Microsoft some slack  rb_snow@... | 05/22/06
Windows turn  TonyMcS | 05/30/06

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
advertisement
Click Here