Security experts have recently discovered a serious “zero-day” vulnerability in Microsoft Word that is being exploited by hackers from China and Taiwan.
The Microsoft Security Response Center has stated that they are working with various security companies to prevent attacks utilizing this security flaw. A patch is expected to be released on June 13.
This vulnerability is being exploited through a “special” Word file attached to emails. If users open this file using Word XP or Word 2003, a Trojan will infiltrate their systems. This Trojan is equipped with rootkit features to hide itself from antivirus security applications.
The Trojan’s task is to communicate with a remote server. However, experts are still unaware of the specific types of data being transmitted.
Chris Carboni, a researcher with the SANS Internet Storm Center, confirms that when an attack exploiting this vulnerability is initiated, the Trojan will deploy a bot or other malicious software onto the compromised system.
No security company has yet detected any malicious code specifically targeting this vulnerability. Microsoft is actively seeking solutions to address this issue. They plan to update the Windows Live Safety Center to include features for detecting attacks exploiting this vulnerability.
F-Secure has reported that the Trojan Ginwui.A infiltrates through the “special” Word file, allowing hackers to create, read, edit, and search for files and folders, access and modify the registry, start services, and launch or terminate processes.
Meanwhile, Symantec has raised its security alert level to level 2 following the news of this vulnerability.
Users are advised to exercise caution when opening attachments in emails.
Hoàng Dũng
