View Single Post
15 Dec 2010  

Win 7 Ultimate 64-bit. SP1.
Malicious RTF Files Exploit Office Flaw to Install Trojan


Security researchers from Trend Micro have spotted malicious RTF files in the wild, which exploit a known Microsoft Office vulnerability to infect users with a trojan.

RTF stands for Rich Text Format and is one of the oldest document formats. It is supported by all versions of Microsoft Word and WordPad.

The RTF-based exploit seen by Trend Micro targets a stack buffer overflow vulnerability affecting all supported Microsoft Office versions.

This remote code execution flaw, identified as CVE-2010-3333, was addressed in the MS10-087 security bulletin released by Microsoft on November 9.

It the flaw is exploited successfully, the malicious RTF files drop a trojan which hides itself by using the name of an already existent service.

The malware injects code into the svchost.exe process in order to contact a remote server from where it receives instructions.
Malicious RTF Files Exploit Office Flaw to Install Trojan - Softpedia
My System SpecsSystem Spec