http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9006738 By Sharon Machlis December 24, 2006 Computerworld A popular Christmas PowerPoint file has been modified to incorporate malicious code that gives an attacker unauthorized access to infected systems, iDefense warned today. In an e-mail warning, iDefense said that the e-mail with the subject "Merry Christmas to our hero sons and daughters!" and the attachment Christmas+Blessing-4.ppt "silently installs a backdoor Trojan horse on vulnerable computers." This version of the Hupigon (sometimes also called Hupigeon) Trojan installs two files on a compromised system, according to Ken Dunham, director of iDefense's Rapid Respones Team: msupdate.dll (18,507 bytes) and sdfsc.dll (3 bytes). A remote Web site used in this attack has been found on a server in China, Dunham said. "Details regarding the PowerPoint exploit are still unclear, but detected by a few scanners as a possible MS06-012 exploit," Dunham wrote. Such Microsoft Office exploits can allow remote execution of commands on infected systems. Attacks on Microsoft's Office software have been on the rise for months now, Marc Maiffret, chief technology officer with security vendor eEye Digital Security Inc., said earlier this month. Office vulnerabilities were once released "on a monthly basis," he said. "Now we're at the point where it's almost daily." _____________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Tue Dec 26 2006 - 22:17:02 PST