The bad news is that there’s a new Word-exploiting Trojan downloader circulating the Internet; the good news is it’s not self-replicating, and requires a PC user to open an infected Word document before an attack can take place.
The MDropper-Q Trojan downloader was recently discover by Symantec, and takes an advantage of a zero-day vulnerability to load another Trojan, Backdoor-Femo to a targeted PC, allowing a hacker control of the victim.
It only affects Microsoft Word 2000, but users are warned not to open any Word documents that they may receive from unknown sources until Microsoft issues a security patch.
This is the latest in a series of Office attacks; the last exploit went after PowerPoint and was swiftly patched by Microsoft.
Symantec says, “Microsoft Office vulnerabilities are a great platform for social engineering and email based attacks”.