We have discovered new exploit (CVE-2012-0158) in APT emails!
This RTF vulnerability was just patched in Apr. 10 as MS12-027.
Microsoft Security Bulletin MS12-027 -
Critical Vulnerability in Windows Common Controls
Could Allow Remote Code Execution (2664258)
At this moment, the new exploit enjoys a very low AV detection rate
on VirusTotal, with only 2 out of the 42 antivirus engines flagging it as malicious.
APT Group Graph generated by XecScan
The Xecure Lab Scanner (XecScan) gives the security community and general public on-demand analysis of any suspicious document file where no installation or registration is required to enjoy the service. Though it's free, XecScan is capable of finding advanced malware, zero-day,and targeted APT attacks embedded in common file formats.