W32/Ginwui.A: SANS Internet Storm Center reports bug in MS Word application

SANS Internet Storm Center reports bug in MS Word application

SANS Internet Storm Center has warned against a big security bug in the MS Word application, which could result in sophisticated e-mail attacks, which can result in infiltrated company networks.

Even the antivirus companies have confirmed this problem as Symantec raised its Internet threat rating, citing confirmation of attacks using an unknown hole in Microsoft Word. These attacks are mainly originating from China and Taiwan.

Symantec also warned subscribers to its DeepSight Threat Management Service, which has confirmed reports of active exploitation of a hole in Microsoft Word 2003.

The bug is related to Word document attachments in e-mail messages, which can trigger the security hole and run code that gives attackers control over vulnerable systems. It crashes the Word 2000 version but works on the latest Word 2003 edition.

F-Secure call this Trojan W32/Ginwui.A. Mikko Hyppönen, manager of anti-virus research at F-Secure said in a statement: “We have seen malicious Word documents using similar or the same vulnerability in the past, but they have only worked on Chinese language versions of Word…This new version works on English language versions of Word, so there is obviously the potential for the attack to have a larger potential audience of victims.”