There are reports that an in the wild Zero-Day exploit is targeting an unknown vulnerability in Microsoft Word.
This Zero-Day exploit is in the form of a Word document that when opened, connects to www.ch(blocked)per.com where the following malwares are available for download:
- TROJ_AGENT.HFH
- TROJ_AGENT.HFI
- TROJ_TINY.DU
- TSPY_MJCS.E
The download URL for this malware is already blocked by Trend Micro URL filtering.
Microsoft has released a security advisory to forewarn MS Word users to exercise caution in opening Word documents.
Affected Word versions are:
- Microsoft Word 2000
- Microsoft Word 2002
- Microsoft Office Word 2003
- Microsoft Word Viewer 2003
- Microsoft Word 2004 for Mac
- Microsoft Word 2004 v. X for Mac
- Microsoft Works 2004, 2005, and 2006