New Trojan exploits MS06-047 with Word file
It was eight days ago when Microsoft released information about Critical code execution vulnerability in Microsoft Visual Basic for Applications MS06-047 and we have new Trojan horse exploiting the issue with Microsoft Word file now.
From the write-up of Trojan.Mdropper.N:
Trojan.Mdropper.N is a Trojan horse that exploits the Microsoft Visual Basic for Applications Document Check Buffer Overflow Vulnerability (as described in Microsof Security Bulletin MS06-047) and attempts to drop a file on the compromised computer.
The Trojan is a Microsoft Word document reportedly named:
Reportedly it drops a file which has been detected as a copy of Backdoor.Tuimer.
Microsoft’s bulletin lists the following Office versions as affected:
* Office XP Service Pack 3
* Office 2000 Service Pack 3
Works Suite 2006, 2005 and 2004 are vulnerable as well. The vulnerable component is Vbe6.dll.
But patch now, folks!
Update 18th Aug: Internet Storm Center has related Diary entry listing several Trojan names used.