Updates

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same

MS Word threat created on Mac

Symantec reported that it received a Word document that attempts to deliver a malicious payload to Windows users and it appears to have been created on a Mac.

The Word document Symantec analyzed caused all versions of Microsoft Word for Windows, except for Word 2007, to crash. Word 2007 was exempted from the threat because by default it does not open Word files created on a Mac. In this case, the payload attempted to install files that turn a Windows PC into a bot that could be further used on the Internet to exploit other computers or deliver malicious payloads to other Windows PCs.

This threat is not a direct problem for Mac OS X users as the embedded code found in the Word file requires Windows to spread, but it does underscore the fact that a Mac running Microsoft’s Office application could potentially be used as a delivery platform for malicious Windows code.

Symantec is still investigating the Windows attack and has not yet revealed how the malicious document was created. This is not a Mac problem, but rather an issue with Word.

Storm worm exploits YouTube

Spammers are taking advantage of the YouTube function that lets people invite friends to view videos that they have viewed or posted. The function allows someone to e-mail any address from an account.

The scam on this Google's video-sharing site is targeting Xbox owners, which urge the recipients to collect a prize which is nothing less than a copy of the popular game, Halo 3. Clicking on the link leads to a file containing the Storm trojan.

It was earlier reported that the e-mail messages are exploiting a vulnerability in the sign-up process. A similar vulnerability is being exploited in the case of YouTube. Spammers have used intelligent character recognition (ICR) software to circumvent the verification system commonly known as Captcha. In the widely used Captcha system, a person must read and re-enter a selection of blurred or unevenly spaced letters and numbers into a box before being issued a new account. It is used to make it harder for software programs, rather than genuine users, to sign up for services.

Security vendor Sophos has also reported the YouTube spam problem. According to them, this incident differs from the technique commonly associated with the Storm worm, which typically targets PCs for the job of sending spam. The YouTube spamming marks a departure for junk mailers-instead of using botnets to distribute spam, they can use a familiar Web site to pass on messages.

According to experts, this scam could well signal the rise of outsourced bot-herding wherein the botnet controller pays a third party to acquire further bots. Now, one can rent time on a botnet network and have a tech support department. A spammer would just rent time on a botnet which includes tech support from the botnet owner and a massive resource pool with huge amounts of bandwidth.