Symantec Finds Yet Another Excel Trojan Variant

It may be a single malicious user with an axe to grind, and that user may be targeting a very small group of people who just happen to use Microsoft Excel. But whoever it is continues to make security firms like Symantec nervous, as yet another Excel-based document with a malformed image string, dubbed Trojan.Mdropper.Y, has turned up.

As a message on Symantec's security blog stated this morning, the Excel document with the malformed string is capable of dropping two Trojan horse programs onto the victim's computer, both of which are identified as Backdoor.Bias.

Both programs apparently leave open the possibility for remote exploit, but neither Symantec nor Microsoft has provided any details with regard to whether their informant victim's computers have been "phoning home."

This time around, Symantec was much more careful with the phrasing of the new Trojan's description on its blog, cautiously explaining that Trojan.Mdropper.Y was a different document that leveraged the same exploit as with editions prior to "Y," perhaps a little differently than before but not different enough to call this a new vulnerability.

Nonetheless, that didn't stop some press sources from calling this the fourth, fifth, or sixth new "Excel flaw" discovered since the beginning of the year, even though the concept string malformation exploit dates back to before the turn of the decade.

Excel 2007 appears to continue to be immune to this exploit, though older versions remain vulnerable. However, all legitimate security sources checked by BetaNews continue to report that these particular attacks are targeted rather than automated and widespread.

© 1998-2014 BetaNews, Inc. All Rights Reserved. Privacy Policy.