Another Exploit Targets IE7 Bug
Scumbags and crooks are actively targeting unpatched PCs
that use IE7. If you are current on your patches, you are fine. If not…well, you know the drill.
The threat starts with a spammed malicious .DOC file detected as XML_DLOADR.A. This file has a very limited distribution script, suggesting it may be a targeted attack. It contains an ActiveX object that automatically accesses a site rigged with a malicious HTML detected by the Trend Micro Smart Protection Network as HTML_DLOADER.AS.