Somebody at McAfee jumped the gun. Last Friday night McAfee disclosed the inner workings of a particularly pernicious rigged Word document attack — a zero-day involving a linked HTA file. On Saturday FireEye — citing a “recent public disclosure by another company” — gave more details, and revealed that it had been working on the problem with Microsoft for several weeks.
It looks like McAfee’s public disclosure forced FireEye’s hand prior to Microsoft’s anticipated fix tomorrow.
The exploit appears in a Word doc attached to an email message. When you open the doc (an RTF file with a .doc name extension), it has an embedded link that retrieves an HTA file. (An HTML application is usually wrapped around a VBScript or JScript program.)
Source: Infoworld.com | Security