Trojan Horse Sneaks Through MS Office Hole
Jeremy Kirk, IDG News ServiceMon Oct 3, 5:00 PM ET
Microsoft says it is investigating a recently released Trojan horse that targets a hole--first identified in April--in its Microsoft Office software suite.
Symantec has issued an advisory that the Trojan horse, named Backdoor.Hesive, can arrive as a Microsoft Access file, exploiting a Microsoft Jet Database Engine buffer overflow. The code can give an unauthorized user access, Symantec says, allowing an intruder to upload files, modify Registry values, and get system and network information.
Safety FirstA Microsoft spokeswoman wrote in an e-mail response Monday that the company is encouraging users to be cautious when opening.mdb files from an unknown source. A patch has not been released yet, according to the company.
The Trojan is not widely distributed and can be easily removed, Symantec says. The company rated its damage potential as "medium."
Known FlawThe flaw in Microsoft Office was first identified in April by HexView, a computer security firm. The vulnerability is caused by a memory-handling error when parsing database files, HexView reported.
The Trojan can be triggered after a user opens an affected.mdb file in Microsoft Access, according to an advisory issued by Secunia, a security firm, in April.
Copyright © 2005 PC World Communications, Inc.
| Copyright © 2005 Yahoo! Inc. All rights reserved. Questions or Comments Privacy Policy -Terms of Service - Copyright/IP Policy - Ad Feedback |