Guest LilBambi Posted May 3, 2012 Share Posted May 3, 2012 (edited) Mac Malware Targeting Unpatched Office Running on OS X – eWeek This is a different issue than reported earlier on this blog here on April 16th. Microsoft is reporting that malware is exploiting unpatched versions of its Microsoft Office Word 2000 suite to compromise Apple Macintoshes running Snow Leopard or earlier versions of Mac OS X. Microsoft has discovered malware that’s preying on Apple computers running unpatched versions of its Office application suite. The two vulnerabilities in question were patched in the Microsoft Office Word 2000 suite in June 2009, almost three years ago. At that time, Microsoft put out a critical security bulletin—MS09-027—to close the holes, which can allow an attacker to get control of a system if a user opens a maliciously crafted Word file. As noted in the Fran's Computer Services blog posting: Another troubling situation is that the malware seems to be targeting Snow Leopard and earlier versions of Mac OS X; not Lion. With Lion the particular memory address being abused to run shellcode isn’t vulnerable like in earlier versions of Mac OS X. Virus Bulletin has a Glossary entry for shellcode noted above: Code activating a payload via command-line instructions Shellcode is a small piece of code which activates a command-line interface to a system and passes in commands. These instructions will often involve disabling security measures, opening a backdoor to allow remote access to a system, and downloading or activating further malicious code. Shellcode is often injected into a system and executed via a vulnerability in network-facing software, such as browsers, or in downloadable files such as documents. Edited May 3, 2012 by LilBambi Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted May 4, 2012 Share Posted May 4, 2012 Oh, yeah! On any OS. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.