Users hit by zero day PowerPoint attacks


Users hit by zero day PowerPoint attacks

Antony Savvas

Microsoft is considering issuing a security patch to fix a vulnerability in its PowerPoint presentation software.

The flaw allows remote attackers to run arbitrary code on the affected user’s machine. It is spread by malicious e-mails containing a rogue PowerPoint attachment.

Microsoft said it is investigating reports of limited “zero-day” attacks using a vulnerability in Microsoft PowerPoint 2000, Microsoft PowerPoint 2002, Microsoft Office PowerPoint 2003, Microsoft PowerPoint 2004 for Mac, and Microsoft PowerPoint v. X for Mac.

A zero day attack uses exploit code which has not been patched against by the software supplier, and when attacks take place before warnings can be made to users.

Microsoft said, “As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. Microsoft has added detection to the Windows Live OneCare safety scanner for up-to-date removal of malicious software that attempts to exploit this vulnerability.”

Microsoft said it would consider issuing another patch ahead of its monthly scheduled security patching date, on 10 October.

Earlier this week, the company broke form its monthly patching cycle and issued a fix to plug a security hole in Internet Explorer.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy