ðòïåëôù 


  áòèé÷ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 


  ðåòóïîáìøîïå 


  ðòïçòáííù 



ðéûéôå
ðéóøíá














     áòèé÷ :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] New word2003 0-day



èÏÔÑ ÎÁÐÉÓÁÎÏ, ÞÔÏ ÜÔÏ ÕÑÚ×ÉÍÏÓÔØ × word2000, symantec ÇÏ×ÏÒÉÔ Ï ÕÑÚ×ÉÍÏÓÔÉ × 
word2003


http://isc.sans.org/diary.html?storyid=2133

 Older Microsoft word unpatched vulnerability used as vector in targeted attacks
Published: 2007-01-31,
Last Updated: 2007-01-31 22:10:11 UTC
by Swa Frantzen (Version: 3)
Symantec reported on what was thought of initially as yet another unpatched 
vulnerability being exploited by the bad guys out there. We have confirmation 
it is in fact one of the older -still unpatched- vulnerabilities CVE-2006-6456 
that is exploited in targeted attacks.

Even though it appears there might be little gain in once again trying to 
convince people not to email office documents, not to open them, etc. some 
renewed attention might be required.
If actively exploited unpatched vulnerabilities is the risk level you need 
before being allowed to act and start to filter, you might have your "go" at 
this point. The oldest of the 4 vulnerabilities is publicly known since 
December 5th, 2006. This latest wave of attacks is exploiting a vulnerability 
that was publicly known since December 10th, 2006.

Let's hope at least some of them get patched in February's Black Tuesday 
patches.

    * Symantec Trojan.Mdropper.X
    * Current activity at us-cert
    * CVE-2007-0621 was assigned to this on the chance of it being a new issue.

With thanks to Juha-Matti, Ryan, and others helping out on this issue as it 
developed.





 




Copyright © Lexa Software, 1996-2009.