Microsoft Office Zero-Day Threat
Microsoft published an advisory in June warning of a targeted zero-day attack against users of Microsoft Office. The software giant patched the zero-day flaw in July. In addition to users of Office 2003 on the PC, the threat targeted users of Office for Mac. According to Trend Micro, two remote access Trojans (RATs) detected in 2013 often disguise themselves as a Microsoft document or component. FakeM has been detected embedded in a Windows document file or Excel spreadsheet. It communicates to a remote server by disguising itself as encrypted Microsoft Messenger traffic. Another RAT called Rarstone spreads via Windows files. It was seen targeting telecommunications, oil and gas, governments, media and others. It hides itself in an Internet Explorer process.