1. /
  2. Security Response/
  3. Trojan.Mdropper.Y


Risk Level 1: Very Low

February 7, 2007
February 7, 2007 9:13:32 PM
Infection Length:
50,559 bytes
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Trojan.Mdropper.Y is a Trojan horse that attempts to exploit the Microsoft Office Malformed String Remote Code Execution Vulnerability (BID 22383) and drop additional threats on to the compromised computer.

Note: This threat will not execute on computers that have installed the the update for Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (as described in Microsoft Security Bulletin MS07-015).

CVE Reference: CVE-2007-0671

Antivirus Protection Dates

  • Initial Rapid Release version February 8, 2007
  • Latest Rapid Release version September 28, 2010 revision 054
  • Initial Daily Certified version February 8, 2007
  • Latest Daily Certified version September 28, 2010 revision 036
  • Initial Weekly Certified release date February 14, 2007
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Drops additional threats on to the compromised computer.


  • Distribution Level: Low
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.
Writeup By: Elia Florio

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report