x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

1Table.A

Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:1Table.A
Technical name:Trj/1Table.A
Threat level:Low
Alias:trojan.mdropper.h, W97M_MDROPPER,
Type:Trojan
Effects:  

It drops the variant A or B of the backdoor Gusi in the affected computer, exploiting a vulnerability in Microsoft Word that allows arbitrary code to be executed with the same privileges as the logged on user.

Affected platforms:

Windows XP/2000/NT

First detected on:May 20, 2006
Detection updated on:May 22, 2006
StatisticsNo

Brief Description 

    

1Table.A is a Trojan that drops one of the following variants of the backdoor Gusi in the affected computer:

  • Bck/Gusi.A
  • Bck/Gusi.B

In order to do so, it exploits a vulnerability in Microsoft Word due to a buffer overflow, which allows arbitrary code to be executed with the same privileges as the logged on user.

1Table.A does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

To date at least two Word documents have been found to have reached computers via email, though other means cannot be ruled out, such as websites or P2P networks, etc.

It is also recommended to be careful with other Office documents, as they may contain inside an embedded Word document.

 

If Word, Word Viewer or Works Suite is installed on your computer, it is recommended that you access Microsoft's official website and check if you have any of the vulnerable versions installed. In such case, download and install the security patch. Access the web page for downloading the patch.

Visible Symptoms 

    

1Table.A is easy to recognize once it has affected the computer, as when a malicious Word document is run, Word crashes and stops responding.