|
By Dave Porter (AXcess News) Reno, NV - A new virus called Trojan.Mdropper.H, which was soptted by Symatnec last week, is attacking Microsoft XP Word users by installing a rootkit called Backdoor.Ginwui. Symantec says the Trojan.Mdroppr.H is a zero-day vulnerability in Microsoft Word XP and Word 2003. Once the rootkit is installed it communicates back to the Web, giving hackers access to the infected PC. Stephen Toulouse post in the Microsoft Security Repsonse Center blog that, "In order for this attack to be carried out, a user must first open a malicious Word document attahced to an e-mail or otherwise provided to them by an atatcker." Customers using the Word viewer to view documents are not impacted, Toulouse said. A patch is said to be made available in June from Microsoft in its security update. The rootkit gives hackers the ability to take screen shots and access the Windows command shell. Current activity appears to be targeitng enterprise customers, Symantec says. Symantec cautions that the malicious document could also be delivreed to a victim by a hostile website, instant message, or through file-sharing, though this has not been observed thus far.
| 
