GMA News Online SciTech » Technology

US military contractor targeted by doc-based malware

August 16, 2012 6:02pm
Businesses and organizations were advised over the weekend to make sure their computer security patches are updated, after a security vendor discovered a new malware attack targeting a defense contractor.
 
Sophos said the new attack uses a poisoned DOC file that exploits a vulnerability in Microsoft Office to infect machines running the Windows operating system.
 
"The latest attack was sent to the contractor - whose name (we are not making public) - embedded inside a file called Details.Doc, attached to the (email)," it said in a blog post.
 
It said the email pretends to be from a yahoo.com.tw address but the headers show the emails did not come from Yahoo.
 
On the other hand, it said the attachment "Details.doc" exploits the CVE-2012-0158 vulnerability and tries to install the "PittyTiger" backdoor malware.
 
Sophos added Microsoft has already issued a patch for the exploit as early as three months ago.
 
"And there are really no excuses for not having applied it," it said. — TJD, GMA News


We welcome healthy discussions and friendly debate! Please click Flag to alert us of a comment that may be abusive or threatening. Read our full comment policy here.
Comments Powered by Disqus
advertisement

Talk of the web

advertisement
advertisement