Threat Level: green Handler on Duty: Tom Webb

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Trojan dropper in Power Point - a new issue?

Published: 2006-08-19
Last Updated: 2006-08-19 22:39:43 UTC
by Brian Granier (Version: 1)
0 comment(s)
As pointed out by one of our readers, Juha-Matti, Trendmicro has recently released information about some Trojan droppers in Microsoft Power Point. The two links are TROJ_MDROPPER.BH and TROJ_SMALL.CMZ.

These articles a little light in detail with respect to the inner mechanics of the vulnerability, but they sound very similar to issues reported last July as you can see in our previous diary. It is possible that these issues are related to MS06-048 and is just a variant of the attack described by Microsoft here. The question remains whether this is truly a new vulnerability, if Microsoft failed to fix the root cause with MS06-048 or if MS06-048 addresses these issues. Trendmicro's claim is there is no current patch for this issue.

--
T. Brian Granier
Keywords:
0 comment(s)
Diary Archives