New Trojan Targets Microsoft Word

Now Microsoft Word users need to be extra careful while downloading files, as hackers have already targeted Microsoft Word 2003 exploiting zero-day vulnerabilities with a new Trojan horse named "Trojan.Mdropper.H".

Symantec, the leading desktop security vendor, has issued an alert on its home page regarding the vulnerability, asking users to be extra careful while opening any Word document received either by email or any other means. According to Symantec, opening an email attachment which appears to be a Word document actually opens the latest Trojan horse virus program, giving hackers access to users' PCs. When the document is opened by users, it triggers the vulnerability.

According to Symantec the attack originated in Asia, and now it appears that the attacks are targeted at large organizations but there could be a change in strategy.

Johannes Ullrish, chief technical officer, SANS Internet Storm Center, said that the attackers behind the latest Trojan horse might be operating out of China or Taiwan. The researchers have found Chinese characters in the malicious Word document, and the servers associated with the attack have been traced back to these countries.
The seriousness of the attack has been compounded by Microsoft's declaration that the company might require over three weeks to fix the vulnerability.

Source