More details are emerging about the undocumented vulnerability that is present in Microsoft Word that uses Trojan.Mdropper.H and Backdoor.Ginwui.

• Antivirus companies are catching on quick.  Most of the big names can detect and remove this threat and the Microsoft Live Safety Center is adding detection and removal routines.
• Here is some information on the file that carries the exploit:
  File size: 233472 bytes
  MD5: c1bb026ec2b42adc17d0efb7bb31f4dc
  SHA1: 02b9a9530e0f4edb3bc512707c16390ea5b394d1
  If you know what all this means, you'll be able to make use of it to spot the file carrying the exploit (although expect the bad guys to catch on and change it soon).  If none of this makes any sense then read this post.
• Using the Microsoft Word viewer is safe
• Microsoft plan to release an update for Microsoft Word during June's Patch Tuesday extravaganza on June 13th
• Security Fix has some more details on the exploit

SANS

Technorati Tags: Microsoft Word, Trojan.Mdropper.H, Backdoor.Ginwui

This entry was posted on Friday, May 19th, 2006 at 19:38 and is filed under Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.