The Trojan attacks security vulnerabilities in the Jet Database Engine mechanism of Microsoft Office, a lightweight database that Microsoft Office specializes in. This security bug has been detected and warned by Microsoft since April 2005, but Microsoft has not released a patch since then.
At the end of Friday, September 30, a Microsoft representative said that Microsoft had also recognized a trojan that was able to attack a security flaw in Microsoft Office and that Microsoft is now actively investigating and Fix this security error.
Symantec security company said that the Trojan named Backdoor.Hesive is hidden in a Microsoft Access file. When it gets into the computer, it tries to open up a number of backdoor ports so that hackers can take full control of the infected computer remotely. This Backdoor.Hesive Trojan is in a very dangerous form but fortunately it has a fast speed of spreading.
Although this security flaw was discovered half a year ago, Backdoor.Hesive trojans are the first malicious program that appears to be able to take advantage of the security bug to profit. Secunia has classified this security bug as 'very serious', just behind the 'extremely serious' type of error.
Secunia stated that this security error will cause the memory to always report errors during transport and analysis of data files. Attackers always try to trick users into opening a .mdb file, a Microsoft Access-specific file type, when clicking on this .mdb file is Backdoor.Hesive trojan immediately infecting the computer.
Symantec recommends that users should not open any strange files from the network, especially .mdb files.