Users hit by zero day PowerPoint attacks

Microsoft is considering issuing a security patch to fix a vulnerability in its PowerPoint presentation software.

Microsoft is considering issuing a security patch to fix a vulnerability in its PowerPoint presentation software.

The flaw allows remote attackers to run arbitrary code on the affected user’s machine. It is spread by malicious e-mails containing a rogue PowerPoint attachment.

Microsoft said it is investigating reports of limited “zero-day” attacks using a vulnerability in Microsoft PowerPoint 2000, Microsoft PowerPoint 2002, Microsoft Office PowerPoint 2003, Microsoft PowerPoint 2004 for Mac, and Microsoft PowerPoint v. X for Mac.

A zero day attack uses exploit code which has not been patched against by the software supplier, and when attacks take place before warnings can be made to users.

Microsoft said, “As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. Microsoft has added detection to the Windows Live OneCare safety scanner for up-to-date removal of malicious software that attempts to exploit this vulnerability.”

Microsoft said it would consider issuing another patch ahead of its monthly scheduled security patching date, on 10 October.

Earlier this week, the company broke form its monthly patching cycle and issued a fix to plug a security hole in Internet Explorer.

Read more on Operating systems software

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...

SearchDataManagement

Close