PowerPoint 0day Exploit (9-27-06)

Discussion in 'NOD32 version 2 Forum' started by Caine, Sep 28, 2006.

Thread Status:
Not open for further replies.
  1. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    http://www.nist.org/news.php?extend.173
    Is this covered by NOD32?
     
  2. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Yes, it is now Caine! ;)
    See here
    Definition is highlighted: W97M/TrojanDropper.Lafool.F
     
  3. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    hmm...it seems they've added it actually today. :doubt:

    I think this are the right definitions: PP97M/TrojanDropper.PPDrop.F, PP97M/TrojanDropper.PPDrop.NAA (2), PP97M/TrojanDropper.PPDrop.NAB
     
  4. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    Nice one! Thanks for that pykko. :)

    Is this sort of behaviour common with Microsoft? Pretty sneaky carry-on altogether. :gack:
     
  5. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, generally there are many exploits on MS products because many use them and hackers try to exploit evry little bug from them. :D
     
  6. Caine

    Caine Registered Member

    Joined:
    Nov 11, 2005
    Posts:
    63
    True that, but still though it's not so much the volume of exploits that MS inevitably have to battle with. It's the way they fixed up their own Security software defs and said nothing to the others. That's the bit that bugs me. Aw well, worrying over nothing since it's not an issue now.
     
  7. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, yes, basically if a new dangerous threat appear AV companies should be willing to exchange defs. ;)
     
Thread Status:
Not open for further replies.