• Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

MyAntiSpyware

Menu
  • Downloads
  • Threats
    • Adware
    • Browser Hijacking
    • Phishing
    • Ransomware
  • Questions and Answers
  • Recover Encrypted Files
  • Free Malware Removal Tools

Found new vulnerability in Microsoft Excel

Myantispyware team June 16, 2006    

ISC and Microsoft reported about new vulnerability in Microsoft Excel. Also found exploit using the vulnerability for install malware.

Now Symantec can to detect this attack.

Trojan.Mdropper.J is a Trojan horse that drops Downloader.Booli.A on the compromised computer. It exploits an undocumented vulnerability in Microsoft Excel.

The Symantec website also reports … Downloader.Booli.A may arrive on the compromised computer, dropped by Trojan.Mdropper.J, with the following name: %System%\svc.exe

Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

When Downloader.Booli.A is executed, it performs the following actions:

  • Attempts to run Internet Explorer and inject its code into Internet Explorer to potentially bypass firewalls.
  • Attempts to download a file from the following location: [http://]210.6.90.153:7890/svcho[REMOVED]
  • Saves the file as the following and if the download was successful, executes the file: c:\temp.exe
  • Creates an empty file before exiting: c:\bool.ini

Now we recommend use the same defenses as for lastest Microsoft Word vulnerability: How to block Microsoft Word vulnerability, recommended defenses.

Exploits & Vulnerabilities

 Previous Post

Update your systems

Next Post 

Another rogue antispyware app for your blacklist – Trust Cleaner

Author: Myantispyware team

Myantispyware is an information security website created in 2004. Our content is written in collaboration with Cyber Security specialists, IT experts, under the direction of Patrik Holder and Valeri Tchmych, founders of Myantispyware.com.

Leave a Reply Cancel reply

New Guides

Anchomoross.com Virus Removal Guide
scam alert
Fake or Real? You Visited Some Hacked Websites With Exploit Email Scam Explained
scam alert
Spotify Can’t Process Your Payment Scam Alert: A Phishing Email to Avoid
IFMAGIC GLP-1 Pro Weight Loss Oral Solution Review, Scam or Legit? What You Need to Know
LilCooler Portable AC Review, Scam or Legit? What You Need to Know

Follow Us

Search

Useful Guides

browser redirect virus
How to remove Browser redirect virus [Chrome, Firefox, IE, Edge]
remove android virus
How to remove virus from Android phone
remove chrome extension
How to remove Chrome extensions installed by enterprise policy
Best free malware removal tools
Best Free Malware Removal Tools 2025
How to reset Internet Explorer settings to default

Recent Guides

Update your systems
CleanCache – Clean Internet Explorer, Mozilla, Firefox, Opera and most Internet Explorer shells
Automatic remove Titan shield
Phishing scam and fake address bar
How to remove antispywarebox hijacker

Myantispyware.com

Myantispyware has been a trusted source for computer security and technology advice since 2004. Our mission is to provide reliable tech guidance and expert, practical solutions to help you stay safe online and protect your digital life.

Social Links

Pages

About Us
Contact Us
Privacy Policy

Copyright © 2004 - 2024 MASW - Myantispyware.com.