Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Malevolent RTF Files Drop Trojan Via Abuse of Office Vulnerability

Researchers at Trend Micro the security company state that malevolent Rich Text Format (RTF) files have been detected circulating online that are being used for exploiting a familiar security flaw so cyber-criminals can install malware on people's computers.

RTF, it's worth noting, is a very old design of Microsoft Office documents that Microsoft WordPad and Word of any edition supports.

In the current attack, the RTF-specific attack code, which Trend Micro has detected, aims to strike vulnerability of heap overflow type that impacts all versions of Microsoft Office. The flaw, when abused effectively, enables to execute remote code with the help of malevolent RTF files that install a Trojan. The Trojan, however, conceals itself in the guise of a service that already runs on the infected PC. Trend Micro has dubbed the .RTF attack files -TROJ_ARTIEF.SM.

States the company, the above malicious software inserts code within a process called svchost.exe so that it can connect with a distantly located computer server and take instructions from it. Trend Micro has named this code TROJ_INJECT.ART.

Detailing the malware assault, Threat Response Engineer Karl Dominguez at Trend Micro stated that a more severe problem was that an attacker could hit users' mailboxes with RTF-based e-mails. Since to deal with e-mails, Microsoft Outlook utilized Word, a victim who simply viewed/opened a maliciously crafted e-mail could allow the execution of the remote attack code, Dominguez explained. Trendmicro.com published this on December 15, 2010.

Luckily, Microsoft has already issued a security patch for the flaw, which attackers are exploiting. Thus, Trend Micro asserts that users must deploy the patch that's available within MS10-087, the authorized security bulletin, which Microsoft issued within its Patch Tuesday cycle of November 2010.

Furthermore, it's because of these kinds of assaults that PC Trojan-spewed malware are emerging. PandaLabs the security company within its security report for Q3-2010 emphasized that the most dominant threats were computer Trojans, accounting for 55% of the entire malware attacks from them. Backing this observation, AhnLab a South Korea-based security company outlined in its October 2010 report that of all malware, Trojans were reported as maximum in number at 46.1%.

Related article: Malevolent E-mail Spam Mimics Twitter Template

ยป SPAMfighter News - 27-12-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next