Malicious PowerPoint files (.ppt) are currently being used to exploit a newly reported security hole in the Office app. The isn't yet any patch available for the zero-day flaw, but Microsoft says the attacks are currently limited and targeted.
A successful attack would allow for running any command on the victim computer, such as downloading and installing malware. The Microsoft Security Response Center (MSRC) reports that the affected versions of the software are: Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3, Microsoft Office PowerPoint 2003 Service Pack 3, and Microsoft Office 2004 for Mac.
Microsoft Office PowerPoint 2007 is not affected, according to the MSRC.
Until Redmond releases a patch, your best bet is to upload any remotely suspect PowerPoint e-mail attachments to Virustotal.com for multiple free scans, as these small-scale, zero-day attacks can often be missed by one antivirus program. Also, techies and IT staff can look into using the MOICE converter, which requires installing the Office 2007 compatibility pack and converts binary Office docs into the 2007 XML format. But there are some gotchas with the process, such as losing all macros in converted docs.
Monday, April 6, 2009
A POWERPOINT ZERO DAY FLAW, TARGETED AND ATTACKED
Subscribe to:
Post Comments (Atom)
3 comments:
marvelous ,the information provided in this article regarding power point is really a mind blowing one.
IT Solution
What you're saying is completely true. I know that everybody must say the same thing, but I just think that you put it in a way that everyone can understand. I'm sure you'll reach so many people with what you've got to say.
I don't know how should I give you thanks! I am totally stunned by your article. You saved my time. Thanks a million for sharing this article.
Post a Comment