New Excel Trojan Hits the Net:Computer Security Research - McAfee Avert Labs Blog(情報元のブックマーク数)
MicrosoftがExcelに関するアドバイザリーを出したとの事ですが、既に、悪用するウイルスが出ている模様。
Microsoft has released a security advisory for this issue (CVE-2009-0238):
McAfee Threat Center – Latest Cyberthreats | McAfee
http://www.microsoft.com/technet/security/advisory/968272.mspx
Many versions of Excel are vulnerable, including 2000, 2002, 2003, 2007, 2004/2008 for Mac, Excel Viewer/Excel Viewer 2003.
A trojan exploiting an unpatched Microsoft Excel vulnerability has been reported from the field. McAfee Avert Labs has confirmed that Microsoft Excel 2007 and 2003 are affected. Other versions may also be impacted.
McAfee DAT files identify known malicious Excel spreadsheet files as Exploit-MSExcel.r trojan, and dropped files as BackDoor-DUE trojan in the 5534 DATs.
As with the initial Exploit-PDF.i threat, current attacks are very targeted and limited. When succesfull, it installs a backdoor that attempts to connect a remote site port 80 and waits for commands.
脆弱性をついたファイルが日本で出回っているそうです!!!要注意!
Office Excelに未修正の脆弱性が見つかり、米Microsoftが2月24日付でアドバイザリーを公開した。セキュリティ企業のSymantecによれば、この脆弱性を突いた悪質なスプレッドシートが日本で出回っている。
Excelに未修正の脆弱性、悪用ファイルが日本で発見 - ITmedia エンタープライズ
関連URL
- Excelにコード実行の脆弱性、修正プログラム未提供 : 投稿 : HotFix Report BBS
- SANS Internet Storm Center; Cooperative Network Security Community - Internet Security - isc
- Trojan.Mdropper.AC | Symantec
- Microsoft Excel Invalid Object Remote Code Execution Vulnerability
- US-CERT Current Activity
- Security Research & Defense : More information about the new Excel vulnerability
- 日本のセキュリティチーム (Japan Security Team) : 自動再生 (Autorun) & Excel 0-day