Microsoft Office vulnerability used to spread malware
Published March 28th, 2012 at 8:58 AM EDT , modified March 28th, 2012 at 8:59 AM EDT
AlienVault Labs has announced discovery of malware “in the wild” that is taking advantage of a Microsoft Office vulnerability to install itself. It would appear that MS Office for Mac 2004 and 2008 are both vulnerable if the relevant security patch has not been installed. On vulnerable systems, malicious MS Office documents have been seen that install two different trojans, the Tibet.A trojan announced last week and a second never-before-seen trojan apparently called MacControl.
Some may make the claim that this malware is a non-issue, because the patch for the vulnerability it relies on was released by Microsoft on June 9, 2009 – nearly three years ago. However, many people never install updates. As Sophos pointed out in February, malware authors often target patched vulnerabilities, knowing that people will be running outdated systems for ridiculously long periods of time. Since many Mac users upgrading to Lion were caught flat-footed by the discovery that MS Office 2004 – an 8-year-old product – will not run in Lion gives ample evidence to support the idea that there are many people using outdated versions of MS Office.