Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42870
  • Total Topics: 16079
  • Online Today: 3869
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Mac malware exploits Microsoft Office vulnerability  (Read 3150 times)

0 Members and 1 Guest are viewing this topic.

Pez

  • SCF VIP Member
  • *****
  • Posts: 776
  • KARMA: 117
  • Gender: Male
  • Pez
Mac malware exploits Microsoft Office vulnerability
« on: 10. April 2012., 09:15:51 »

Hey Mac users- the bad guys are trying to mess with you! Cybercriminals are sending spam emails that include booby-trapped Word documents. If you are tricked into downloading the attached document, it installs a Trojan horse that gives them access to your system. To protect yourself, avoid clicking on spam emails and update your Microsoft Office software. "Share" this so others can protect themselves!
 


Mac malware exploits Microsoft Office vulnerability

Rogue emails distribute booby-trapped Microsoft Word file that installs Mac OS Trojan, researchers said

Security researchers have encountered new email-based targeted attacks that exploit a vulnerability in Microsoft Office to install a remote access Trojan horse program on Mac OS systems.
 
The rogue emails appear to target Tibetan activist organizations and distribute booby-trapped Microsoft Word documents that exploit a known remote code execution vulnerability in Microsoft Office for Mac, according to malware experts from security firm AlienVault.
 
[ Also on InfoWorld: Find out what other security threats the  2012 Verizon Data Breach Investigations Report turned up. | Learn how to secure your systems with InfoWorld's Malware Deep Dive PDF special report and  Security Central newsletter. ]
 
"This is one of the few times that we have seen a malicious Office file used to deliver Malware on Mac OS X," said AlienVault security researcher Jaime Blasco in a blog post on Tuesday.
 
Security researchers from Mac antivirus vendor Intego believe that the attacks might become more widespread. "This malware is fairly sophisticated, and it is worth pointing out that the code in these Word documents is not encrypted, so any malware writer who gets copies of them may be able to alter the code and distribute their own versions of these documents," they said in a blog post on Thursday.
 
"The attack will be very effective on those who have not updated their copies of Microsoft Office, or aren't running antivirus software," the Intego researchers said.
 
If the vulnerability is exploited successfully, the rogue Word files will install a previously unknown Mac OS X Trojan horse. The remote attackers can instruct this malware to download, upload, and delete files, or to start a remote shell on the system.
 
AlienVault believes that this attack was carried out by the same gang that last week distributed a similar Mac Trojan by exploiting a vulnerability in outdated Java installations.
 
This type of targeted attack, also known as spear phishing, has become common in recent years and is usually associated with government or corporate cyber espionage operations. However, the vast majority of spear phishing emails have so far targeted Windows users.
 
"While, in the past, we did not see this type of attack targeting Macs, it is clear that the game has changed, and that we are entering a new period of Mac malware," the Intego researchers said.
 
Mac users are advised to keep the software installed on their computers up to date, especially the popular applications, and to run an antivirus program at all times. Several Mac antivirus products are available for free.


Orginal article: By Lucian Constantin | IDG News Service
Their is two easy way to configure a system!
Every thing open and every thing closed.
Every thing else is more or less complex.

Start Turfing ! http://scforum.info/index.php/topic,8405.msg21475.html#msg21475

Samker's Computer Forum - SCforum.info

Mac malware exploits Microsoft Office vulnerability
« on: 10. April 2012., 09:15:51 »

 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising