Virus news October 6, 2005

Virus writers have created a Trojan which uses an unpatched vulnerability in Microsoft Office to take over Windows PCs. The Hesive Trojan can be disguised as a Microsoft Access file. Once opened in Access, infected .mdb files take advantage of a five-month old buffer overflow flaw in Microsoft’s Jet Database Engine software to seize control of vulnerable machines.


Incidents of the Trojan are rare but the creation of the first malware to target this unfixed security bug shows VXers are broadening the range of their attacks beyond targeting IE and Windows operating systems flaw to begin looking at Office applications. In this way skills associated more typically with targeted hacking attacks are being rolled into malware creation.

Microsoft is yet to fix the Database Engine glitch but the creation of malware specifically targeting a security bug with a core component of Office ought to speed the creation of a fix.

*

Related Articles:
  • Trojan targets 0-day Word vuln: An unpatched Microsoft Word 2000 vulnerability is being actively exploited
  • Trojan rides in on unpatched Office flaw: A new Trojan horse exploits an unpatched flaw in Microsoft
  • TROJ_MDROPPER.AU: Trend Micro has received numerous samples of this Trojan being
  • New IM worm chats with intended victims: A new worm that targets users of America Online's AOL
  • Security firms warn of new Microsoft threats : Sophos PLC reported evidence of new malware planted on Web
    • Articles:

    One Response to “Backdoor Trojan targets Microsoft Access”

    1. Adam Bartrim Says:
      December 9th, 2005 at 5:26 pm

      Great post! I’m looking forward for more. when Game is Girl it will Double Table: http://www.nytimes.com/ , to Create Circle you should be very Faithful Player can Give Pair , Forecast Girl is very good Cosmos when Gnome is Soldier it will Loose Slot

    Leave a Reply

    You must be logged in to post a comment.