A new Trojan virus has found vulnerability in Microsoft’s Word software, and although the attacks are very recent and limited, Symantec [SYMC] and Microsoft [MSFT] have warned users about the bug and potential problems. On its Web site, Symantec issued a warning, saying that they have “discovered active exploitation of a possibly undisclosed vulnerability affecting Microsoft Word.” They identified the virus as a Trojan horse bug called Backdoor.Darkmoon. Microsoft has responded to such reports by issuing a statement saying that the vulnerability affects the Microsoft Office 2002 Service Pack 3 suite of
Their “initial investigation indicates that customers who use all other supported versions of Microsoft Office Word, Microsoft Office Word Viewer, Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, and Microsoft Office for Mac are not affected,” the statement said.
Microsoft urged those affected by the virus to “contact Customer Service and Support at no charge using the PC Safety hotline at 1-866-PCSAFETY. Additionally, customers in the United States should contact their local FBI office or report their situation at www.ic3.gov.”
This virus is the second reported PC attack this week, as earlier a bug was reported to affect Microsoft’s Access database program.
The viruses are the newest occurrences in a string of attacks targeted at the Microsoft Office software suite over the years. In the attacks, users are tricked into opening corrupted files, whereby the virus is able to install malware on the host computer.
From there, the program records keystrokes in order to steal passwords.
Symantec’s anti-virus software is detecting the virus, but the security company warns users not to open unsolicited, unfamiliar Word documents.