My Bitdefender
  • 0 Shopping Cart

SHARE
THIS ON

Facebook Twitter Google Plus

Exploit.W97.Ginwui.Gen

VERY LOW
MEDIUM
varies
(Trojan-Dropper.MSWord.1Table.bd, TrojanDropper:Win32/Tagword.B, Win32/Ginwui.A!Dropper, Exploit-OleData.gen)

Symptoms

    When an infected document is executed, MS Word 2003 will report a message stating that an error has occurred and offer to reopen the document. If the user agrees, the second time, the document will be opened without any errors.

Removal instructions:

Please let BitDefender disinfect your files.

Analyzed By

BitDefender research team

Technical Description:

The exploit affects Microsoft Word 2003. When an infected document is opened, the exploit will allow code execution on the infected machine without the user's intervention.

 The exploitable fields needed for the exploit to work are located in the Worddocument and 0Table (possible 1Table) streams of a MS Word document.

The current exploatation of this vulnerability consists of code dropping a Backdoor on the infected machine, wich is detected by BitDefender as Backdoor.Ginwui.A