Microsoft .doc exploit

Stephen Swaney steve.swaney at
Fri May 19 19:03:03 IST 2006

> -----Original Message-----
> From: mailscanner-bounces at [mailto:mailscanner-
> bounces at] On Behalf Of Kevin Miller
> Sent: Friday, May 19, 2006 1:47 PM
> To: MailScanner discussion
> Subject: Microsoft .doc exploit
> May be premature to block .doc files, but SANS reports on a zero day
> rootkit carried in a word doc.
>  It's in the wild but
> was a targeted attack.
> Apparently no AV signatures yet.  One to watch.
> Boy it's good to have a system that can block such things with a couple
> lines and 30 seconds of time!  In the past couple of weeks I've had two
> different venders try to sell me their proprietary systems.  They're
> wasting their time.  MailScanner rocks!
> ...Kevin

Here's the InfoWorld article:

Looks like some of the anti-virus engines are starting to get caught up.


Stephen Swaney
Fort Systems Ltd.
stephen.swaney at

More information about the MailScanner mailing list