Office 2000 hit with a zero-day attack.

zekrahminator · Sep 6, 2006

Recognized by both Secunia and Symantec as being very critical threats. A variation on the trojan MDropper.Q allows it to install another trojan, a new variant of Backdoor.Femo. This trojan allows for the remote execution of code on the victims computer.

"As with other recent (Microsoft) Office vulnerabilities, documents incorporating the exploit code must be opened with a vulnerable copy of Microsoft Word 2000 for it to work," Symantec's advisory stated. "As such, it makes the vulnerability unsuitable for the creation of self-replicating network worms."

Microsoft has not patched Office 2000 at this time.

View at TechPowerUp Main Site

Thermopylae_480 · Sep 6, 2006

I'm using office 2003, and Office 2007 Beta. I hope nobody comes out with a similiar idea for these.

Dark Ride · Sep 6, 2006

Reminds me that I need to install Office 2003. Thanks

Alec§taar · Sep 6, 2006

During this period of attacks, I have taken Office 2003 offline, period.

Microsoft will patch it, this you can be certain of though.

There are things you CAN do to help prevent this, especially since Office (epsecially Outlook using WORD as its default email content text editor)!

DO NOT DO THIS!

PREVENTATIVE MEASURE #1:

In Outlook (FULL) options, go to Rich Text Format (.rtf) or straight text format in your emails, & heck with HTML formatted mail since Office & IE integrate like mad & share libs/dlls.

PREVENTATIVE MEASURE #2:

Another GOOD measure is to start WORD (for example) in 'safemode', if you cannot live w/ out Office 2000/XP/2003 for your daily work.

(Personally, I just use wordpad & .rtf files (rich text format & no macro'ing possible in that file format & just as readable/formattable as WORD .doc imo for the most part)).

How to do this?

Change its shortcut commandline!

E.G.-> The default location for theWindows executable is as follows:
"C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE"

add /safe to the end of it (commandline switch).

The default location for theWindows executable is as follows:
"C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE" /safe

(Note the highlited "/safe" switch @ the end of its shortcut commandline)

APK

P.S.=> I am admittedly, not 100% certain that Office 2000 has this switch available to its .exe @ runtime as a switch, but I am fairly sure Office XP does, & Office 2003 for sure... apk

error_f0rce · Sep 7, 2006

Thanks for the info Alec, I went ahead and did step #1.
Now the wait... I'm sure they'll patch this bad boy soon :rolleyes:

stealthfighter · Sep 7, 2006

I have office 03 on a dvd somewhere, It's not on my PC. Hack that~!!

Processor	AMD Athlon 64 X2 4800+ Brisbane @ 2.8GHz (224x12.5, 1.425V)
Motherboard	Gigabyte sumthin-or-another, it's got an nForce 430
Cooling	Dual 120mm case fans front/rear, Arctic Cooling Freezer 64 Pro, Zalman VF-900 on GPU
Memory	2GB G.Skill DDR2 800
Video Card(s)	Sapphire X850XT @ 580/600
Storage	WD 160 GB SATA hard drive.
Display(s)	Hanns G 19" widescreen, 5ms response time, 1440x900
Case	Thermaltake Soprano (black with side window).
Audio Device(s)	Soundblaster Live! 24 bit (paired with X-530 speakers).
Power Supply	ThermalTake 430W TR2
Software	XP Home SP2, can't wait for Vista SP1.

System Name	G-REX
Processor	AMD Ryzen 5 5600X
Motherboard	Gigabyte Aorus Master X570
Cooling	Corsair H100i RGB Platinum SE + 4 x Corsair LL120 (White)
Memory	32GB Corsair Vengeance RGB Pro DDR4-3600 (White)
Video Card(s)	Gigabyte Aorus Master RTX 3080 10GB
Storage	1TB Samsung 980 Pro NVME \| 2TB Sabrent Rocket Q NVME
Display(s)	34.0" LG 34GP83A-B
Case	Lian-Li Lancool 2 Mesh (White)
Audio Device(s)	Logitech G560 \| Corsair Virtuoso RGB Wireless
Power Supply	Corsair RM850x
Mouse	Corsair Dark Core Pro SE
Keyboard	Corsair K70 MK2 (Cherry MX Brown) + White PBT Key Caps
Software	Windows 10 Home

Processor	DualCore AMD Athlon 64x2 4800+ (o/c 2801mhz STABLE (Ketxxx, POGE, Tatty One, ME))
Motherboard	ASUS A8N-SLI Premium (PCIe x16, x4, x1)
Cooling	PhaseChange Coolermaster CM754/939 (fan/heatsink), Thermalright heatspreaders + fan built on (RAM)
Memory	512mb PC-3200 DDR400 (set DDR-33 for o/c) by Corsair (matched pair, 2x256mb) 200.1/200mhz
Video Card(s)	BFG GeForce 7900 GTX OC 512mb GDDR3 ram (o/c manually to 686 core/865 memory) - PhaseChange cooled
Storage	Dual "Raptor X" 16mb 10krpm/RAID 0 Promise EX8350 x4 PCIe 128mb & Intel IO chip/CENATEK RocketDrive
Display(s)	SONY 19" Trinitron MultiScan 400ps 1600x1200 75hz refresh 32-bit color
Case	Antec Super-LanBoy (aluminum baby-tower w/ lower front & upper rear cooling exhaust fans)
Audio Device(s)	RealTek AC97 onboard mobo stereo sound (Altec Lansing ACS-45 speakers - 10 yrs. still running!)
Power Supply	Antec 500w ATX 2.0 "SmartPower" powersupply
Software	Windows Server 2003 SP #1 fully patched, & massively tuned/tweaked to-the-max (plus latest drivers)

Processor	Intel Core i7-930 (D0) @ 4.0GHz (1.28v)
Motherboard	GIGABYTE GA-X58A-UD3R
Cooling	CoolIT ECO-R120 Advanced Liquid Cooling w/ x2 Scythe ULTRA-KAZE 3000rpm \| Scythe Master controller
Memory	Mushkin Enhanced Redline - 6GB DDR3 @ 1910MHz 8-10-8-29
Video Card(s)	MSI N460GTX Twin Frozr II SOC GeForce GTX 460 768MB 192-bit GDDR5
Storage	RAID-0 w/ 2x OCZ Agility 2 SSD 90GB SATA II 3.5" (r4.6Gb/s w4.2Gb/s)
Display(s)	ASUS VW266H - 26" LCD
Case	COOLER MASTER Storm Scout \| x2 120mm Scythe ULTRA-KAZE \| 140mm Scythe Slipstream KAZE Maru2
Power Supply	Thermaltake Black Widow TR2 RX - 850w

Processor	P4 2.8
Motherboard	Intel D865PERL
Memory	2x512 Ballistix DDR400
Video Card(s)	GeForce 5200
Storage	Maxtor 120GB
Power Supply	Allied 300w 10A

Office 2000 hit with a zero-day attack.

zekrahminator

McLovin

Thermopylae_480

Dark Ride

Alec§taar

New Member

error_f0rce

New Member

stealthfighter

New Member