• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

My AntiSpyware

Free antispyware software, Online Scanners, Instructions on how to remove spyware and malware.

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools
Home › Exploits & Vulnerabilities › Found new vulnerability in Microsoft Excel

Found new vulnerability in Microsoft Excel

Myantispyware team June 16, 2006     No Comment    

ISC and Microsoft reported about new vulnerability in Microsoft Excel. Also found exploit using the vulnerability for install malware.

Now Symantec can to detect this attack.

Trojan.Mdropper.J is a Trojan horse that drops Downloader.Booli.A on the compromised computer. It exploits an undocumented vulnerability in Microsoft Excel.

The Symantec website also reports … Downloader.Booli.A may arrive on the compromised computer, dropped by Trojan.Mdropper.J, with the following name: %System%\svc.exe

Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

When Downloader.Booli.A is executed, it performs the following actions:

  • Attempts to run Internet Explorer and inject its code into Internet Explorer to potentially bypass firewalls.
  • Attempts to download a file from the following location: [http://]210.6.90.153:7890/svcho[REMOVED]
  • Saves the file as the following and if the download was successful, executes the file: c:\temp.exe
  • Creates an empty file before exiting: c:\bool.ini

Now we recommend use the same defenses as for lastest Microsoft Word vulnerability: How to block Microsoft Word vulnerability, recommended defenses.

Exploits & Vulnerabilities

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply




New Guides

PNC Scam Text We FROZEN your ACCNT
PNC Scam Text 866-594-9267 Frozen Account Message
Lilola Recliner Scam text
Lilola Recliner Scam Text Explained
goog.uthyforemplo.xyz malicious
Track Click Crystal pop-up redirect (Virus removal guide)
Datingsecret.top Click Allow Scam
Datingsecret.top Virus Removal Guide
SaveFrom Video Downloader
Is Savefrom.net Safe? Savefrom.net Virus Removal Guide

Follow Us

Search

Useful Guides

adwcleaner
AdwCleaner – Review, How to use, Comments
DNSChanger
How to remove DNSChanger malware virus [Updated Apr. 2018]
Files encrypted by ransomware become useless
How To Recover Encrypted Files (Ransomware file recovery)
How to remove browser hijacker virus (Chrome, Firefox, IE, Edge)
browser redirect virus
How to remove Browser redirect virus [Chrome, Firefox, IE, Edge]

Recent Posts

Update your systems
CleanCache – Clean Internet Explorer, Mozilla, Firefox, Opera and most Internet Explorer shells
Automatic remove Titan shield
Phishing scam and fake address bar
How to remove antispywarebox hijacker

MYANTISPYWARE.COM

  • About Us
  • Contact Us
  • Privacy Policy

NEED A HELP ?

If you're seeing unwanted pop-ups or ads in your web-browser, you might have an adware installed on your computer. Use the following guide to stop pop-up ads and remove malicious software. Or ask for help here.

Links

  • Downloads
  • Instructions
  • Questions and Answers
  • Free Malware Removal Tools
Copyright © 2004 - 2022 Myantispyware.com - Free antispyware programs and Spyware Removal Instructions.