EDIT - Latest information from Microsoft.
More information about Backdoor.Ginwui.
---------------------------------------------------------------------

Microsoft have released more details about the undocumented vulnerability that is present in Microsoft Word that uses Trojan.Mdropper.H and Backdoor.Ginwui.

Here's the upshot:

• The attack is email based
• Emails seem to arrive in groups
• Come from fake domains that are similar to the real domains of the targets (this is interesting)
• The targets are valid email addresses
• There are two current subject lines:
  Notice
  RE Plan for final agreement
• The attack needs to be run on an account with admin rights
• Attacks seem limited

Technorati Tags: Microsoft Word, Trojan.Mdropper.H, Backdoor.Ginwui

This entry was posted on Saturday, May 20th, 2006 at 22:24 and is filed under Stay Secure. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.