A common misconception in security is that if you use non-Microsoft products, you’re safe from malware attacks and exploits. Once again, this has been disproved by a zero day attack on a non-Microsoft application–specifically a local word processing application in Japan.
Recently we’ve received a sample of a malicious document that contains an embedded file that can be executed by exploiting a flaw in this Japanese application’s document viewer. Initial analysis shows that the embedded file is actually a Trojan that gathers information from the affected system.
As of now, other activities of this Trojan are still being verified and a corresponding solution is already in the works. Stay tuned for updates…
Update(Jasper, Fri, 18 Aug 2006 10:38:23 AM)
A solution for this threat has already been deployed. Trend detects this threat as TROJ_MDROPPER.BL.
The detection pattern has been available since OPR(official pattern release) 3.663.00.