Symantec has discovered an exploit that crashes older versions of MS Word and could give a hacker access to the affected system.
“We tried using various combinations of Word versions, patches and languages, and in each case (with the exception of Office 2007) opening the document would cause Word to crash,” said Orla Cox, a Symantec Security Response engineer. “After taking a closer look, we could see that the document contained shell code and three other pieces of malware. What was interesting about the document was that it wasn’t in OLE format, meaning that it wasn’t a standard Microsoft Office document. After some investigation we determined that the document had actually been created using Word for Macintosh.”
Here you can see the difference between the header in an OLE (Windows) format document compared to that of a Mac format document.
It was then that we had a “light bulb” moment, because we knew that just yesterday Microsoft had released a patch for a vulnerability in Word for Mac documents. (See Microsoft Security Bulletin MS07-060.) Taking a closer look at that vulnerability, we confirmed that this document was in fact exploiting the same vulnerability.
Update: the vulnerability is for Windoze only
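
The detail that the sample had a Word file name but no OLE header can be turned into an attachment triage check. The sketch below is an added example, not Symantec's tooling: the function names and sample bytes are constructed, and the non-OLE sample is a placeholder because the page does not give the Mac-format header bytes.

```python
import struct
from typing import Optional

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # MS-CFB (OLE2) file signature
WORD_EXTS = (".doc", ".dot")

def classify_header(data: bytes) -> str:
    """Name the container format suggested by the leading bytes."""
    if data.startswith(OLE_MAGIC):
        return "ole-cfb"
    if data.startswith(b"PK\x03\x04"):
        return "zip"   # OOXML files such as .docx are ZIP containers
    if data.startswith(b"{\\rtf"):
        return "rtf"
    return "unknown"

def ole_header_sane(data: bytes) -> bool:
    """Validate the fixed MS-CFB header fields at offsets 26, 28 and 30."""
    if len(data) < 32 or not data.startswith(OLE_MAGIC):
        return False
    major, byte_order, sector_shift = struct.unpack_from("<HHH", data, 26)
    return byte_order == 0xFFFE and (major, sector_shift) in ((3, 9), (4, 12))

def triage(filename: str, data: bytes) -> Optional[str]:
    """Return a finding for Word-named files that are not well-formed OLE."""
    if not filename.lower().endswith(WORD_EXTS):
        return None
    kind = classify_header(data)
    if kind != "ole-cfb":
        return f"{filename}: Word extension but header looks like '{kind}'"
    if not ole_header_sane(data):
        return f"{filename}: OLE signature present but header fields malformed"
    return None

# Constructed samples: a minimal valid CFB v3 header prefix, and placeholder
# non-OLE bytes (not the real Mac-format header, which the page does not give).
GOOD_OLE = OLE_MAGIC + bytes(16) + struct.pack("<HHHH", 0x3E, 3, 0xFFFE, 9)
NOT_OLE = b"\x00constructed-non-OLE-bytes"

if __name__ == "__main__":
    for name, blob in [("report.doc", GOOD_OLE), ("invoice.doc", NOT_OLE),
                       ("broken.doc", OLE_MAGIC + bytes(24))]:
        print(triage(name, blob) or f"{name}: ok")
```

A finding here is a reason to route the file to sandboxing or manual review, not a verdict: RTF files saved with a .doc name are common and will also be reported.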