Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Trojan dropper in Power Point - a new issue? SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Trojan dropper in Power Point - a new issue?
As pointed out by one of our readers, Juha-Matti, Trendmicro has recently released information about some Trojan droppers in Microsoft Power Point. The two links are TROJ_MDROPPER.BH and TROJ_SMALL.CMZ.

These articles a little light in detail with respect to the inner mechanics of the vulnerability, but they sound very similar to issues reported last July as you can see in our previous diary. It is possible that these issues are related to MS06-048 and is just a variant of the attack described by Microsoft here. The question remains whether this is truly a new vulnerability, if Microsoft failed to fix the root cause with MS06-048 or if MS06-048 addresses these issues. Trendmicro's claim is there is no current patch for this issue.

T. Brian Granier

22 Posts
Aug 19th 2006

Sign Up for Free or Log In to start participating in the conversation!