Panda: Malicious code exploits Excel flaw

Discussion in 'malware problems & news' started by Randy_Bell, Jun 19, 2006.

Thread Status:
Not open for further replies.
  1. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    - Malicious code exploits
    undocumented Excel vulnerability -
    Virus Alerts, by Panda Software (http://www.pandasoftware.com)​

    Madrid, June 19 2006 - PandaLabs has discovered a malicious code that takes advantage of an Excel vulnerability. This flaw causes an unknown error and could allow an attacker to download and run code.

    To do this, the attacker sends the target user an Excel file that runs the exploit code and downloads a Trojan, detected as Trj/Downloader.JFN, which in turn tries to download another file. This vulnerability can be used in the future to download any other executable file. As there is no documentation or security patch to fix this flaw, it is possible that other malicious code may appear in the next few hours that take advantage of this vulnerability.

    Panda Software's TruPrevent Technologies (TM) neutralize the effects of any files prepared to exploit this vulnerability, and also detect and block Downloader.JFN without the need for signature updates.
     
  2. diginsight

    diginsight Security Expert

    Joined:
    Feb 9, 2002
    Posts:
    225
    Location:
    Netherlands
  3. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    Oh is it? :D This exploit is already days old!
     
  4. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    They might as well have said "PandaLabs discovers the same thing as the other ones, only a few days later".
     
Loading...
Thread Status:
Not open for further replies.