Symantec Security Response has detected activity surrounding a zero-day exploit discovered in Microsoft Word 2003.
The malicious files contain a number of objects (such as PowerPoint slides and Excel charts) along with Backdoor.Ginwui, a piece of malicious code which opens a back door on the users computer. This back door allows a remote attacker to gather system information and execute code on the attacked machine. Symantec has also identified these malicious Word documents as Trojan.Mdropper.H. Symantec has rated both Backdoor.Ginwui and Trojan.Mdropper.H as Category 1 threats on a scale of 1 to 5 with 5 being the most severe.
Symantec Security Response raised the ThreatCon level to a Level 2 (Level 4 being the highest alert level) as a result of the active exploitation of this zero-day vulnerability. The Symantec ThreatCon provides an overall weather forecast of the state of the Internet.
Symantec recommends that users:
Related links: (Open in a new window.)
securityresponse.symantec.com/
Taken from Information Security Bulletin.