Security, et al

Randy's Blog on Infosec and Other Stuff

«  SANS Log Management 2006 ... | Update on zero day Word v... »

Zero information on zero day vulnerability in Word

Fri, 19 May 2006 15:30:04 GMT

A couple hours ago, my Google sidebar lit up with new postings about the new vulnerability in Word, discovered by Symantec, that apparently opens a back door.

I am frustrated at the total lack of detail on this so far and no other recommendation than to be careful about Word attachments - even blocking them at the email gateway.

How long does it take to produce a signature update or give more information about how bad the vulnerability is?

The reports I’ve seen say it opens a back door but what kind of back door? Does it open a port for incoming connections or does it actively check a rogue site for zombie commands? Are you protected if you have Windows Firewall?

So far the best information I’ve seen is at http://isc.sans.org/diary.php?compare=1&storyid=1345.

If you have thoughts or information on this let me know. I’ll make sure you receive credit.

email this digg reddit dzone
comments (0)references (0)

Related:
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
5 Indicators of Endpoint Evil
Anatomy of a Hack Disrupted: How one of SIEM’s out-of-the-box rules caught an intrusion and beyond

Comments disabled

powered by Bloget™

Search


Categories
Recent Blogs
Archive


 

Upcoming Webinars
    Additional Resources