Panda Software Labs Detects 1Table.A, a Trojan That Uses a Microsoft Word Vulnerability to Infect Computers24 May 2006
Panda Software Labs has detected the appearance of 1Table.A, a malicious code that exploits a recently detected critical vulnerability in Microsoft Word, and which also affects versions of MS Office 2003 and XP. This security problem allows the execution of code on affected systems and, more dangerously, allows the construction of malicious code which is indistinguishable at first glance from a normal Word file.
1Table.A appears to be a perfectly normal Word document. It cannot send itself automatically, and therefore needs the intervention of a malicious user in order to be distributed. This still however gives it plenty of scope, as it can be sent as attachments to e-mail messages or downloaded from web pages or P2P file-sharing networks, among many other systems.
If a user runs 1Table.A, it exploits this security problem to release a backdoor Trojan called Gusi. This creates a backdoor on the computer that allows a remote attacker to take a series of actions. TruPrevent(TM) proactive detection technologies have detected Gusi without prior identification, so computers that have them installed have been protected from the outset.
According to Luis Corrons, director of PandaLabs: "This is a very serious security problem, as it allows malicious Word documents to be created which could take a host of actions on computers. Cyber-crooks have seen the enormous potential of this vulnerability, and it has only taken a few hours until we have seen the first malicious code that exploits it, and no doubt there will be more shortly."
It is important to remember that any MS Office, such as Excel spreadsheets or PowerPoint presentations, could have malicious Word documents embedded, thereby making them potentially dangerous attack vectors.
Given that no patch has yet been released by Microsoft for this vulnerability, users are advised to act with caution on opening Word or MS Office documents, and ensure they have a fully up-to-date antivirus installed on their computers.
Panda Software clients that don't yet have TruPrevent(TM) Technologies have the updates available to install them along with their antivirus and ensure they have preventive protection against unknown viruses and intruders. More information about TruPrevent(TM) Technologies at http://www.pandasoftware.com/truprevent
Panda Software also offers users Virus Alerts, an e-bulletin in English and Spanish that gives immediate warning of the emergence of potentially dangerous malicious code. To receive Virus Alerts just visit Panda Software's website (http://www.pandasoftware.com/about/subscriptions/) and complete the corresponding form.
Make sure your computer is free from viruses, spyware and other Internet threats using the free online solution Panda ActiveScan http://www.activescan.com .
For further information about these and other computer threats, visit Panda Software's Encyclopedia.
About Panda Software Labs
Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients safe. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPrevent(TM) Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users (more info at http://www.pandasoftware.com/pandalabs.asp).
For more information: http://www.pandasoftware.com/virus_info
For more information:
Carolina Sanabria
Panda Software
Public Relations Manager
Tel: (818) 543-6909
Source: prnewswire
All trademarks and copyrighted information contained herein are the property of their respective owners.
The Shield Pro 2006
Related Articles
|
