Malware writers have created a malicious program exploiting unpatched vulnerability in some versions of MS Excel. ESET, a leading provider of security solutions – catalogues this malware as X97M/TrojanDropper.Agent.NAI. trojan. It contains a dangerous payload attacking versions MS Excel 2000, 2002, 2003, 2007, 2004/2008, version for Mac, Excel Viewer/Excel Viewer 2003.
The payload is released immediately after the infected file is opened, creating a backdoor in the system (backdoor Win32/Agent.NVV). The backdoor allows the authors to gain control over the workstation from remote location.
According to Juraj Malcho, ESET´s Head of Virus Lab, Excel users should refrain from opening suspicious .xls files or files received from unknown senders. When it comes to the scope of the infiltration, the overall number of infected computers thus far remains low and the attacks seem to be targeted, rather than aiming to achieve a massive scale spread.
The above-mentioned threat takes advantage of the so-called zero-day exploitability. Typically, similar vulnerability gaps are discovered only once they become targeted – thus affecting all users of the particular software (in this case Excel).
About ESET
Founded in 1992, ESET is a global provider of security solutions for corporate customers and households. From a small family-sized venture, ESET has evolved into a leader in proactive malware detection and is in the front lines of combating emerging cyberthreats. Its flagship solutions - ESET NOD32 Antivirus and ESET Smart Security, built on the award-winning ThreatSense® engine are trusted by millions of users to protect their computers against a host of Internet-borne malware, such as viruses, trojans, worms, adware, spyware, phishing, rootkits.
ESET has headquarters in Bratislava, Slovakia with branch offices in Prague, Czech Republic; San Diego, USA; Bristol, UK and Buenos Aires, Argentina. ESET‘s solutions are available in more than 160 countries worldwide. In 2008, ESET opened its new development center in Krakow, Poland and was ranked by Deloitte Technology Fast 500 as one of the fastest growing technology companies in the EMEA region.