Microsoft Corp. said today that it's investigating a recently released Trojan horse program that targets a hole in its Microsoft Office software suite that was first identified in April.
Symantec Corp. issued an advisory that the Trojan horse, named Backdoor.Hesive, can arrive as a Microsoft Access file, exploiting a Microsoft Jet Database Engine buffer overflow. The code can allow an unauthorized user access, enabling an intruder to upload files, modify registry values and get system and network information, said Symantec.
A Microsoft spokeswoman wrote in an e-mail response today that the company is encouraging users to be cautious when opening .mdb files from an unknown source. A patch hasn't been released yet, according to the company.
The Trojan horse isn't widely distributed and can be easily removed, Symantec said. The company rated its damage potential as "medium."
The flaw in Microsoft Office was first identified in April by HexView, a computer security firm. The vulnerability is caused by a memory handling error when parsing database files, HexView reported. The Trojan horse can be triggered after a user opens an affected .mdb file in Microsoft Access, according to an advisory issued by Copenhangen-based security firm Secunia in April.
Related Links:
|
Current issue
Forum & Community
OneKit's Software
Submit software
Trojan horse uses unpatched MS Office hole
