Olympic SPAM carries malicious Excel attachments
AplusWebMaster
post Mar 10 2008, 03:24 AM
Post #1



FYI...

- http://blog.trendmicro.com/olympic-fans-ma...-ms-excel-vuln/
March 9, 2008 - "XLS files specially designed to exploit a currently unpatched vulnerability in Microsoft Excel (identified as CVE-2008-0081) are reportedly being sent as email attachments in the wild. The attachments, which arrive either as OLYMPIC.XLS or SCHEDULE.XLS are capable of dropping and executing Windows binary executables. This Trojan also drops a non-malicious Excel file and opens it upon execution to trick the user that it is the attached Excel file... Both OLYMPIC.XLS and SCHEDULE.XLS are observed to use similar exploit templates and even allow malware writers to customize the exploit to perform other routines... malware authors are using this window of opportunity to infect a large number of computers. More information on this exploit can be found on this Microsoft Security Advisory*. Trend Micro advises users to be wary of opening unsolicited email messages, much more of files attached to them..."

(Screenshots available at the URL above.)

* http://www.microsoft.com/technet/security/...ory/947563.mspx
January 16, 2008

- http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0081
Last revised: 1/17/2008

AplusWebMaster
post Mar 11 2008, 04:42 AM
Post #2





FYI...

Active exploitation of Excel vuln
- http://isc.sans.org/diary.html?storyid=4117
Last Updated: 2008-03-10 23:52:52 UTC - "...We can confirm these attacks and have been tracking several exploits over the last few days. It should be noted that the incidents we are aware of have been limited to a very specific targeted attack and were not widespread. In total, we established approximately 21 reports of attacks using only 8 different files, from within the same two communities, so far... some of the signatures we know of that catch iterations of these attacks. Note that some are relatively generic and catch multiple other exploits as well... Trojan-Dropper.MSExcel.Agent ...We are aware that some of the samples connect back to update-microsoft.kmip.net (221.130.180.87) on port 80, to retrieve the IP address of the actual control server."

> http://www.us-cert.gov/current/#trojan_exp...l_vulnerability


This post has been edited by AplusWebMaster: Mar 11 2008, 05:46 AM
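
A triage sketch built on the indicators quoted in the two posts above (attachment names from post #1; callback host, IP address and port from post #2). It is an added example, not part of the original thread or of the quoted sources; the `time key=value` log layout, the workstation names and every sample line are constructed assumptions.

```python
from datetime import datetime

# Indicators quoted in the posts above.
LURE_NAMES = {"olympic.xls", "schedule.xls"}
CALLBACK_DSTS = {"update-microsoft.kmip.net", "221.130.180.87"}
CALLBACK_PORT = "80"

# Constructed sample logs. The "time key=value" layout and host names are assumptions.
MAIL_LOG = """\
2008-03-10T08:01:12 host=WS-014 attachment=OLYMPIC.XLS
2008-03-10T08:05:40 host=WS-022 attachment=budget.xls
2008-03-10T09:30:02 host=WS-031 attachment=Schedule.xls
"""
PROXY_LOG = """\
2008-03-10T08:03:55 src=WS-014 dst=update-microsoft.kmip.net port=80
2008-03-10T08:10:00 src=WS-022 dst=www.example.test port=80
2008-03-10T10:00:00 src=WS-040 dst=221.130.180.87 port=80
"""


def parse(log):
    """Yield (timestamp, fields) for each 'ISO-time key=value ...' line."""
    for line in log.splitlines():
        if line.strip():
            ts, *pairs = line.split()
            yield datetime.fromisoformat(ts), dict(p.split("=", 1) for p in pairs)


def triage(mail_log, proxy_log):
    """Map host -> 'confirmed' (lure, then callback), 'callback' (callback
    with no earlier lure in the log) or 'delivered' (lure only)."""
    first_lure, callbacks = {}, {}
    for ts, f in parse(mail_log):
        if f["attachment"].lower() in LURE_NAMES:  # names matched case-insensitively
            first_lure[f["host"]] = min(ts, first_lure.get(f["host"], ts))
    for ts, f in parse(proxy_log):
        if f["dst"].lower().rstrip(".") in CALLBACK_DSTS and f["port"] == CALLBACK_PORT:
            callbacks.setdefault(f["src"], []).append(ts)
    verdicts = {}
    for host in first_lure.keys() | callbacks.keys():
        hits = callbacks.get(host, [])
        if host in first_lure and any(t >= first_lure[host] for t in hits):
            verdicts[host] = "confirmed"
        else:
            verdicts[host] = "callback" if hits else "delivered"
    return verdicts


if __name__ == "__main__":
    for host, verdict in sorted(triage(MAIL_LOG, PROXY_LOG).items()):
        print(host, verdict)
```

A host marked `callback` without a matching delivery still needs follow-up: the attachment may have arrived under another name or outside the period the mail log covers.
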
AplusWebMaster
post Mar 11 2008, 01:34 PM
Post #3





FYI...

Microsoft Security Advisory (947563)
Vulnerability in Microsoft Excel Could Allow Remote Code Execution
- http://www.microsoft.com/technet/security/...ory/947563.mspx
Updated: March 11, 2008 - "...We have issued MS08-014* to address this issue..."
* http://www.microsoft.com/technet/security/...n/MS08-014.mspx
