funsec mailing list archives
Re: New PowerPoint 0-day and Trojan - FAQ document available
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 22 Aug 2006 18:37:26 +0300 (EEST)
Trend Micro has updated its TROJ_MDROPPER.BH description. The updated document states that dropped PowerPoint file exploits an older MS06-012 vulnerability. This vulnerability is Microsoft Office Remote Code Execution Using a Malformed Routing Slip Vulnerability, http://www.microsoft.com/technet/security/bulletin/MS06-012.mspx It has similarities with other malware that exploit the vulnerability mentioned. British Sophos, e.g., has assigned new description entitled as Troj/Small-COA. http://www.sophos.com/virusinfo/analyses/trojsmallcoa.html The FAQ document http://blogs.securiteam.com/?p=559 and its title field will be updated soon. - Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: New PowerPoint 0-day and Trojan - FAQ document available Juha-Matti Laurio (Aug 22)