funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New PowerPoint 0-day and Trojan - FAQ document available

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Tue, 22 Aug 2006 18:37:26 +0300 (EEST)
Trend Micro has updated its TROJ_MDROPPER.BH description. The updated document states that dropped PowerPoint file 
exploits an older MS06-012 vulnerability.
This vulnerability is Microsoft Office Remote Code Execution Using a Malformed Routing Slip Vulnerability,
http://www.microsoft.com/technet/security/bulletin/MS06-012.mspx

It has similarities with other malware that exploit the vulnerability mentioned.

British Sophos, e.g., has assigned new description entitled as Troj/Small-COA.
http://www.sophos.com/virusinfo/analyses/trojsmallcoa.html

The FAQ document http://blogs.securiteam.com/?p=559 and its title field will be updated soon.

- Juha-Matti
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: