Discovered: January 19, 2006
Updated: January 19, 2006 3:32:15 PM
Systems Affected: Windows 98, Windows 95, Windows XP, Windows Me, Windows NT, Windows 2000
Trojan.Mdropper.E is a Trojan horse that exploits the Microsoft Word Macro Name Handler Buffer Overflow Vulnerability (BID 8835) and drops a file on the compromised computer.
When a user opens a malicious Microsoft Word document, the Microsoft Word Macro Name Handler Buffer Overflow Vulnerability (BID 8835) is exploited.
This causes the attacker-supplied arbitrary code to execute on the newly compromised computer.
The Trojan may then drop and execute one of the following files, which are typically variants of the Backdoor.Trojan or Backdoor.Femo families:
%Temp%\arc.exe
%System%\rdpclip32.exe
%System%\rdpclip32.dll
%System%\rdpclip32.dat
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine