• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Rogue Anti Spyware
    • Virus
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Exploits & Vulnerabilities › Found new vulnerability in Microsoft Excel

Found new vulnerability in Microsoft Excel

Myantispyware team June 16, 2006     No Comment    

ISC and Microsoft reported about new vulnerability in Microsoft Excel. Also found exploit using the vulnerability for install malware.

Now Symantec can to detect this attack.

Trojan.Mdropper.J is a Trojan horse that drops Downloader.Booli.A on the compromised computer. It exploits an undocumented vulnerability in Microsoft Excel.

The Symantec website also reports … Downloader.Booli.A may arrive on the compromised computer, dropped by Trojan.Mdropper.J, with the following name: %System%\svc.exe

Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

When Downloader.Booli.A is executed, it performs the following actions:

  • Attempts to run Internet Explorer and inject its code into Internet Explorer to potentially bypass firewalls.
  • Attempts to download a file from the following location: [http://]210.6.90.153:7890/svcho[REMOVED]
  • Saves the file as the following and if the download was successful, executes the file: c:\temp.exe
  • Creates an empty file before exiting: c:\bool.ini

Now we recommend use the same defenses as for lastest Microsoft Word vulnerability: How to block Microsoft Word vulnerability, recommended defenses.

Exploits & Vulnerabilities

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

Nfgmyassion.top
How to remove Nfgmyassion.top pop-ups (Virus removal guide)
Search45
How to uninstall Search45 from Chrome, Firefox, IE, Edge
Headstonerinse.com
How to remove Headstonerinse.com pop-up redirect (Virus removal guide)
Your IP address personal information might be exposed SCAM
Your IP address & personal information might be exposed SCAM (Virus removal guide)
Ourtopstories.com
How to remove Ourtopstories.com pop-ups (Virus removal guide)

Follow Us

Search

Useful Guides

Iphone Calendar virus spam
Iphone Calendar Virus/Spam (Removal guide)
browser redirect virus
How to remove Browser redirect virus [Chrome, Firefox, IE, Edge]
adwcleaner
AdwCleaner – Review, How to use, Comments
Files encrypted by ransomware become useless
How To Recover Encrypted Files (Ransomware file recovery)
How to reset Mozilla Firefox (Updated Apr. 2018)

Recent Posts

Update your systems
CleanCache – Clean Internet Explorer, Mozilla, Firefox, Opera and most Internet Explorer shells
Automatic remove Titan shield
Phishing scam and fake address bar
How to remove antispywarebox hijacker

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2020 My AntiSpyware - Free antispyware programs and Spyware Removal Instructions.