Recently learned from Kaspersky Lab, Kaspersky Lab intercepted some components using Microsoft Office's PowerPoint file samples vulnerability to attack, such as: Trojan-Dropper.MSPPoint.Apptom.a / b and Trojan -Dropper.Win32.Cryptrun.a / b. Numbers of visitors should be noted that the recent use of Microsoft Office's PowerPoint component vulnerabilities of network attacks.
Microsoft on April 2 at its official website released a security bulletin, bulletin, Microsoft office products claim to find components in PowerPoint there is a serious flaw that could allow remote code execution. Has established that the flaw affects the Microsoft products that have Office 2000, Office XP and Office 2003 and Mac version of Office. The latest version of Microsoft Office products that Office 2007 will not be affected by this vulnerability.
Kaspersky Lab found in the current network attacks using this vulnerability is still very limited, not very wide scope. These attacks are targeted, so the current number of users affected is very limited.
Typical of such successful attack, the attacker will get the current user on the computer the appropriate permissions. If the user is administrator rights, harm the greater. Typical Web-based attack is implanted in the web page containing malicious code that exploits the vulnerability of Office documents. Only users click and run these documents before they are infected. But the attacker can not force the user to open or click on a malicious file, but by Email or other information in real-time communications tools to lure users to click on the PowerPoint file has been tampered with. In order to better spread, such a malicious PowerPoint files have been camouflaged, highly deceptive file name, if they run a malicious PowerPoint file is opened, it will release a malicious program to the user's computer, then the user complete control computer.
没有评论:
发表评论