Virus writers have created a Trojan which uses an unpatched vulnerability in Microsoft Office to take over Windows PCs. The Hesive Trojan can be disguised as a Microsoft Access file. Once opened in Access, infected .mdb files take advantage of a five-month old buffer overflow flaw in Microsoft's Jet Database Engine software to seize control of vulnerable machines.

Incidents of the Trojan are rare but the creation of the first malware to target this unfixed security bug shows VXers are broadening the range of their attacks beyond targeting IE and Windows operating systems flaw to begin looking at Office applications. In this way skills associated more typically with targeted hacking attacks are being rolled into malware creation.

Microsoft is yet to fix the Database Engine glitch but the creation of malware specifically targeting a security bug with a core component of Office ought to speed the creation of a fix. ®

Related stories

• Hackers go after Excel (17 January 2008)

  https://www.theregister.com/2008/01/17/0day_excel_bug_menace/

• Security threats soar in 2005 (7 December 2005)

  https://www.theregister.com/2005/12/07/sophos_2005_security_survey/

• Federal flaw database commits to grading system (4 December 2005)

  https://www.theregister.com/2005/12/04/common_vulnerability_database/

• VXers release 'London bombing' Trojan (8 July 2005)

  https://www.theregister.com/2005/07/08/london_bombing_spambot/

• Trojan downloader spam poses as admin email (8 July 2005)

  https://www.theregister.com/2005/07/08/trojan_downloader_spam/

• UK trojan siege has been running over a year (17 June 2005)

  https://www.theregister.com/2005/06/17/niscc_warning/

• Microsoft Anti-Virus? (15 May 2005)

  https://www.theregister.com/2005/05/15/microsoft_anti-spyware/