Symantec is issuing dire warnings
about the dangers of a newly discovered Trojan, Trojan.Mdropper.H
, which specifically targets
a zero-day vulnerability with Microsoft Word 2003. Users should take care opening any Word document received either by email or any other means, as the Trojan can pretend to be such an attachment, and upon execution will give hackers access to users' PCs. The vulnerability is triggered merely by opening the attachment.
Not much seems to be known about who is behind this latest malware, however Symantec does believe the attack to be Asian in origin, and it appears to be targeted at several large organizations. China or Taiwan could be a possible source, as SANS Internet Storm Center
have revealed that the word document attachment contains Chinese characters.
The Trojan is quite capable of bypassing spam filters, and Symantec's antivirus software is not as yet capable of detecting the problem. Microsoft has committed to come up with a fix by June 13.