Microsoft .doc exploit
Kevin Miller
Kevin_Miller at ci.juneau.ak.us
Fri May 19 18:47:02 IST 2006
May be premature to block .doc files, but SANS reports on a zero day
rootkit carried in a word doc.
http://www.incidents.org/diary.php?storyid=1345 It's in the wild but
was a targeted attack.
Apparently no AV signatures yet. One to watch.
Boy it's good to have a system that can block such things with a couple
lines and 30 seconds of time! In the past couple of weeks I've had two
different venders try to sell me their proprietary systems. They're
wasting their time. MailScanner rocks!
...Kevin
--
Kevin Miller Registered Linux User No: 307357
CBJ MIS Dept. Network Systems Admin., Mail Admin.
155 South Seward Street ph: (907) 586-0242
Juneau, Alaska 99801 fax: (907 586-4500
More information about the MailScanner
mailing list