Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malicious RTF Files Exploit Office Flaw to Install Trojan

15 Dec 2010   #1
JMH

Win 7 Ultimate 64-bit. SP1.
 
 
Malicious RTF Files Exploit Office Flaw to Install Trojan

Quote:

Security researchers from Trend Micro have spotted malicious RTF files in the wild, which exploit a known Microsoft Office vulnerability to infect users with a trojan.

RTF stands for Rich Text Format and is one of the oldest document formats. It is supported by all versions of Microsoft Word and WordPad.

The RTF-based exploit seen by Trend Micro targets a stack buffer overflow vulnerability affecting all supported Microsoft Office versions.

This remote code execution flaw, identified as CVE-2010-3333, was addressed in the MS10-087 security bulletin released by Microsoft on November 9.

It the flaw is exploited successfully, the malicious RTF files drop a trojan which hides itself by using the name of an already existent service.

The malware injects code into the svchost.exe process in order to contact a remote server from where it receives instructions.
Malicious RTF Files Exploit Office Flaw to Install Trojan - Softpedia


My System SpecsSystem Spec
.

15 Dec 2010   #2
zigzag3143

Win 8 Release candidate 8400
 
 

Nice post.
My System SpecsSystem Spec
Reply

 Malicious RTF Files Exploit Office Flaw to Install Trojan




Thread Tools





Similar help and support threads
Thread Forum
look out for Exploit.drop.GSLAD trojan
looks like a "drive-by" Trojan - and it's a real nasty.. it hi-jacks your Windows installation and denies you access, it pops up with some message purporting to be from an official police site warning you that you've been downloading illegal music/film files and child porn.. it even has...
System Security
Blackhole outfitted with exploit for recently patched Java flaw
Source A Guy
Security News
Java Exploit / Trojan magically re-appears even with a system re-image
I re-imaged my system hard drive the other day after getting infected with a google redirect virus, and a lot of other nasty malware that was apparently smart enough to be able to tell what you're doing and shuts your system down after making it unbootable. Seems to have been a Java exploit. I...
System Security
repeated start up prbs after Exploit and Java Trojan's 'removed'
hi there I'm not sure if this is the right place to post this plea... About a week ago i removed Explot:Java/CVE-20100840.JA and TrojanDownloader@Java/Openconnection using MSE. 3 days ago I was attaching a word document to a hotmail email and the system froze and never woke up. I used the...
System Security
Delivering banking Trojan via malicious boot loaders
Source A Guy
Security News
Exploit Code Available for Shockwave Player Zero-Day Flaw
More - Exploit Code Available for Shockwave Player Zero-Day Flaw - Softpedia
Security News

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 15:30.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App