The malicious software is distributed via email as a Microsoft Word file attachment. When the document is opened by the user, the exploit passes through existing protection like a bullet and installs a Trojan on the host PC. While the existing exploit only targets a specific organization, the malicious code presents opportunities for copycat activities, which could have a much more global and severe impact. Eset warns that a wave of malware variants based on this exploit is likely, citing a similar pattern for the Microsoft Windows Metafile exploit that was released in late December 2005. Within a few days of that initial exploit being reported, massive spamming of malware occurred to download adware, spyware and other malware to users' PCs.
"This new vulnerability further emphasizes the need for proactive protection and detection of zero-day threats. NOD32's ThreatSense® detection is already protecting its users from future attacks," said Andrew Lee, Chief Research Officer at ESET.
Engineers at Eset very quickly realized the danger that such an exploit poses to their customers, and were able to develop a solution that generically blocks any attempt to use this vulnerability. The success was confirmed by the independent testing lab AV-Test.org. Andreas Marx, AV-Test CEO, said, "Eset was not only one of the first anti-virus companies which had signatures in place to stop the already known attacks used by the Win32/GinWui Trojan, but they also had the first generic detection in place on May 21 around midnight (GMT). This effectively prevents all future malware attacks attempting to exploit this zero-day vulnerability in Microsoft Word."
"Eset is continuously looking to provide the latest efficient solutions to arising problems, thus is the NOD32 antivirus software that will enable users to continue with their Microsoft Word daily processes problem-free," said Neo Neophytou, ESET's Middle East Managing Director.
Eset customers with ThreatSense® Update version 1.1551 are now proactively protected against this vulnerability. Eset NOD32 Antivirus software automatically updates to the new version, requiring no action from end-users in most cases. Eset's patented ThreatSense technology leverages advanced heuristics to ensure NOD32 customers are already protected from the Win32/Exploit.MSWord.Smtag Trojan, also known as Win32/GinWui, and future variants of attacks against this vulnerability. When the system detects new forms of malware, they are automatically blocked and rendered harmless.
Users without NOD32's award-winning protection against emerging threats can download a fully functional 30-day evaluation copy of NOD32 for free at http://www.eset.com/download/ to ensure protection against these exploits while Microsoft develops the patch.

Posted by Lara Lynn Golden, News Editor



