Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Trojan.Mdropper.Q / Email Attachment Practices - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Trojan.Mdropper.Q / Email Attachment Practices
Thanks to frequent reader Juha-Matti Laurio for sending us a note about Trojan.Mdropper.Q and the previously undiscovered Microsoft Word 2000 vulnerability that comes with it.  Trojan.Mdropper.Q activates when a file containing it is opened, and then installs a backdoor on the machine.  Fortunatly as with most Office vulnerabilities a user has to actually open the file before the trojan can be activated.  Generally my advice to users is not to open files that they are not expecting even if they know the person that sent the file, but this one has made me curious, what do other system admins recommend to their users?   Do you have a policy on email attachments?  Is this policy automaticly enforced?
Michael

18 Posts

Sign Up for Free or Log In to start participating in the conversation!