We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Word flaw being used in attacks

Bug allows hackers to run unauthorised software

An unpatched flaw in the Windows 2000 version of Microsoft Office 2000 is being used by attackers to run unauthorised software on a victim's computer, according to security firm Symantec.

Microsoft has confirmed that the bug exists, but it would not say when it plans to fix the problem.

The critical vulnerability was first reported by Symantec to users of its DeepSight threat notification service. Attackers are exploiting the flaw by sending malicious Word documents to victims, Symantec said. When these documents are opened, Word is tricked into installing malicious software on the PC.

Symantec is calling this malware Trojan.MDropper.

Trojan.MDropper installs malicious software on the computer, which in turn installs another Trojan horse program "which turns out to be a new variant of Backdoor.Femo", Symantec said.

Symantec testers had not been able to exploit the problem on more up-to-date versions of Office or Windows. On Tuesday Microsoft said the bug was confined to Microsoft Word 2000.

Microsoft is investigating the issue and may issue a patch once that investigation is completed, according to the company's public relations agency.

Microsoft has spent a lot of time investigating and patching Office applications this year. Over the past few months there have been several reports concerning very targeted attacks, similar to this latest Office issue. Microsoft's most recent security updates have been filled with patches for Office flaws, many of which had already been used in attacks.


IDG UK Sites

Windows 10 launch event as it happened: Read our Windows 10 launch live blog - find out first as...

IDG UK Sites

Windows 9 and the death of the OS as a must-have product

IDG UK Sites

Video trends: 4K is here โ€“ HDR video, VR and 3D audio is coming

IDG UK Sites

Best iPhone 6, iPhone 6 Plus deals: iPhone 6, iPhone 6 Plus tariffs, contracts and prices UK