Hi Carlo & 'MUGites, I had read earlier in the week, possibly in 'Naked Security - Sophos' news letter, that Microsoft had patched this weakness. Microsoft Security TechCenter seems to confirm this at:
http://technet.microsoft.com/en-us/security/bulletin/MS09-027 Without wanting to spread panic, I think that we as Mac users must now learn to be cautious and apply safety rules meticulously. Have a nice weekend all, Philippe On 30/03/2012, at 1:04 AM, cm wrote: > Hi 'MUGites, > > If you run Microsoft Word beware of opening unsourced Word documents. A new > attack targeting Mac users relies on them opening a Word document that > exploits a flaw in MS Word to install a trojan on their machine. > > Here is the summary for a news aggregator site that I follow: > > "Welcome to the age of targeted attacks, Mac users. Perhaps having grown > tired of owning Windows machines around the world for the last few years, > attackers have now taken up the challenge of going after Macs with the same > kind of targeted attack tactics that have served them so well in the Windows > world. Researchers have found a new attack that employs two separate pieces > of malware, a malicious Word document and some techniques for maintaining > persistence on compromised machines, and the campaign is specifically > targeted at Mac users. The command-and-control domain involved in the attack > is located in China and the attack exploits a three-year-old vulnerability in > the way that Office for Mac handles certain Word files, according to > researchers at AlienVault, who discovered and analyzed the attacks." > > and here are the two articles linked in the summary: > > https://threatpost.com/en_us/blogs/maccontrol-trojan-being-used-targeted-attacks-against-os-x-users-032812 > > http://labs.alienvault.com/labs/index.php/2012/ms-office-exploit-that-targets-macos-x-seen-in-the-wild-delivers-mac-control-rat/ > > The articles do not say if the vulnerability has been patched in later > version of MS Word. > > Cheers, > Carlo > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - > <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug> Philippe Chaperon laut...@westnet.com.au -- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
