Ichitaro zero-day Vulnerability exploited in the wild, targets Japan users

JustSystems Corporation, the developer of one of the top Japanese word processor Ichitaro, announced that Arbitrary code execution vulnerbility in Ichitaro is being exploited in the wild.

When an user open a malicious document that exploits this vulnerability, the malware will be dropped in the victim's machine. The malware can delete your data , warns JustSystems.

In a report, Symantec said they have seen the exploitation in the wild since mid-January. The attack targets Japan users.

Malicious Attachment - Image Credits:Symantec

According to their report, the attack starts with an archive file contains the following files: A clean Ichitaro document (.jtd file), A modified JSMISC32.DLL file with a hidden attribute, A malicious DLL file with a hidden attribute and a .jtd file extension.

When the .jtd document is opened on a vulnerable computer, it executes the modified JSMISC32.DLL that further launches the malicious DLL file with the .jtd file extension.

Ichitaro users are advised to download and apply the patch from JustSystems, to protect against this exploit.