Security Alert: Trojan Horse Enters System via Infected MS Word Document (BackDoor-CKB!cfaae1e6)

Last Thursday, McAfee sent out a warning to Windows users on a new Trojan Horse (named: BackDoor-CKB!cfaae1e6) that enters a system through a macro in MS Word Documents. MS Word, a part of the widely used/widely pirated Microsoft Office Suite. Once the "carrier" Word document is opened, it will run a malicious code that can execute any external commands, download additional trojan horses, capture desktop screen shots, monitor and record keystrokes or passwords.

The existence of this Trojan Horse has also been confirmed by other security firms such as Symantec and SANS.

How can this be avoided? Simple computer hygiene such as the following can save a user from a lot of headaches:

• DO NOT OPEN documents from dubious sources. If you do receive an email with an unexpected attachment, delete it immediately.
• DO NOT RUN AS ADMINISTRATOR. This single step will stop a lot of viruses and spyware on their tracks since these malware can't infect your system if you are using a "regular user" account instead of an "administrator" account.
• USE A FIREWALL. If you have no access to a hardware firewall, run a software firewall. The built-in Windows firewall is more than adequate to stop unwanted incoming/outgoing network traffic.
• UPDATE YOUR ANTI-VIRUS. Although this may not protect you from so-called Zero-day exploits, this additional layer of protection can at least help you in dealing with other threats.

My ultimate tip on preventing this virus? If you are using an *cough* evaluation copy of MS Office, do yourself (and your conscience) a favor, remove it from your system and make do with alternative Office suites such as OpenOffice.Org and other similar programs.

technorati tags: security, malware, trojans, microsoft, OpenOffice.Org