Hackers spread malicious code to attack Word

Not long after Microsoft released a monthly update that fixed security flaws in software products, hackers immediately released malicious code to attack those errors. The target they aim for is PCs that have not yet installed patches.

With this October, the security error targeted by hackers is an error in the Microsoft Word word processing application. This is a buffer overflow error. Security experts say the buffer overflow error is easily exploited to run malicious code on a system that fails if exploited successfully.

Before Microsoft released the patch, the bug was used to attack previous users. But after the patch released this bug, it was even more exploited.

Security firm Symantec said Word security flaws are now being used to attack users in very wide-ranging attacks. At least up to this point, malicious Word files spread on the Internet carry a series of shell scripts that allow application execution plus 3 other malicious code.

These malware include two Trojan-Dropper and Backdoor-Trojan trojans. Backdoor-Trojan is responsible for opening a secret port on PC that makes it possible for Trojan-Dropper to download more malicious code. The third malicious code is Hacktool-Rootkit, which has the main function of hiding malicious code in front of the 'surveillance eye' of security software.

In addition, Symantec emphasized that this method of attack is really different. Instead of creating standard Windows OLE-format files, this time hackers created a Word-specific application for the Apple Mac OS operating system.

But anyway, the main goal of hackers is to attack Windows users through the newly released security vulnerability.

But there is still good news for users that Microsoft Office 2007 version and Office 2003 Service Pack 3 are not compatible with Word Mac OS format, so these versions are immune to these attacks. .

Users are advised not to open Word files that are sent from unclear sources and should quickly download necessary patches.

Hoang Dung