Microsoft .doc exploit
Stephen Swaney
steve.swaney at fsl.com
Fri May 19 19:03:03 IST 2006
> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> bounces at lists.mailscanner.info] On Behalf Of Kevin Miller
> Sent: Friday, May 19, 2006 1:47 PM
> To: MailScanner discussion
> Subject: Microsoft .doc exploit
>
> May be premature to block .doc files, but SANS reports on a zero day
> rootkit carried in a word doc.
> http://www.incidents.org/diary.php?storyid=1345 It's in the wild but
> was a targeted attack.
>
> Apparently no AV signatures yet. One to watch.
>
> Boy it's good to have a system that can block such things with a couple
> lines and 30 seconds of time! In the past couple of weeks I've had two
> different venders try to sell me their proprietary systems. They're
> wasting their time. MailScanner rocks!
>
>
> ...Kevin
Here's the InfoWorld article:
http://www.infoworld.com/article/06/05/19/78499_HNword0day_1.html?source=NLC
-TB2006-05-19
Looks like some of the anti-virus engines are starting to get caught up.
Steve
Stephen Swaney
Fort Systems Ltd.
stephen.swaney at fsl.com
www.fsl.com
More information about the MailScanner
mailing list