Friday, February 01, 2008 10:15 AM
cmosby
Making News with Old Word(s): MS06-027 and MS07-014 - McAfee Avert Labs Blog
Making News with Old Word(s): MS06-027 and MS07-014
Thursday January 31, 2008 at 7:16 am CST
Posted by Geok Meng Ong
Trackback
This week, McAfee® Avert® Labs detected a bunch of uninteresting old OLE exploits. The fact that they are old and are still actively being used by malware authors, however, evidently shows that they continue to be a potent threat to many computer users who do not routinely patch their systems.
At least seven maliciously crafted Word documents, touting recent political news, are believed to have taken their content directly off the Internet:
- African countries need to further consolidate macroeconomic stability.doc
- Free Tibet Olympics Protest on Mount Everest.doc
- Hong Kong Parade Supports 19 Million CCP Withdrawals.doc
- DIRECTORY OF TIBET SUPPORT GROUPS IN INDIA.doc
- 2007-07 DRAFT Tibetan MP London schedule.doc
- CHINA’S OLYMPIC TORCH OUT OF TIBET 1.doc
- Disapppeared in Tibet.doc
Each of these documents are designed to install further backdoor or downloader Trojans on systems running unpatched versions of Microsoft Word. Two known Word vulnerabilities are exploited, and should be patched as below:
Vendor Patch
Release Date
MS06-027
June 13, 2006
MS07-014
February 13, 2007
For McAfee customers, proactive detection is available. For more information about coverage for your setup, go here:
Once again, we offer the gentle reminder to install the latest security patches from the vendor.
Source: Computer Security Research - McAfee Avert Labs Blog
Filed under: Security and Anti-Virus, Microsoft Office, Internet Hacks, Spam\Phishing, Patch Managment