Another 0-day exploit is currently being investigated by Microsoft, last week we reported about a previous MS Word 0-day. Yesterday, a couple of reports emerged about a new 0-day and according to the MSRC blog this new claim is being investigated by them. We are still acquiring a sample for the appropriate solution and for our analysis, we will update you as soon as we got one. =)
According to the MSRC blog, in their initial investigation, the 0-day affects the following versions:
- Word 2000
- Word 2002
- Word 2003
- Word Viewer 2003
However, Word 2007 is not affected.
Update (Roberto Tayag, Tue, 12 Dec 2006 01:55:22 PM)
Yes, we have acquired a sample and Trend Micro will be detecting this file as TROJ_MDROPPER.EB. The pattern for this malware has already been submitted and is now under our scrutiny of our QA team. updates will come as soon as the pattern file has been released.
UpdateÃ? (Roberto Tayag, Wed, 13 Dec 2006 07:16:52 AM)
The pattern that will detect this malware has been released and you can check more information regarding this here.