According to Internet Storm Center (ISC), a 0-day in MS word was used in a targetted attack against a certain company. We’ve also received a customer inquiry, and yes, we are aware of it.
I’ve sent out a request for the sample, and hopefully, we’ll have it by today.
Update(Jovs, 20 May 2006 00:48:01)
We have just acquired a sample for this which is now being processed by our Engineers. I will soon update this blog with the malware name.
Update(Jovs, 20 May 2006 05:38:59)
I just received word that this malware will be detected as W97M_MDROPPER. As of now there are already two variants of this malware namely W97M_MDROPPER.AB. and W97M_MDROPPER.AC
