“Zero Day” Attack Using Microsoft Word
A “zero day” attack has been reported on a method that allows a fully patched Windows XP system running Microsoft Word to be compromised. The trojan was apparently written by sophisticated hackers in China and Taiwan.
“The exploit arrives as an ordinary Microsoft Word document attachment to an e-mail. However, when the document is launched by the user the vulnerability is triggered to drop a backdoor with rootkit features to mask itself from anti-virus scanners.”
Bottom line: Do not open e-mail attachments!