Just days after patching four bugs in PowerPoint, Microsoft is warning of a new attack targeting its presentation software.
"We’ve been made aware of proof of concept code published publicly affecting Microsoft Office 2003 PowerPoint," wrote Microsoft Security Program Manager Alexandra Huft in a Thursday blog posting. "The reported proof of concept may allow an attacker to execute code on a user’s machine by convincing them to open a specially-crafted PowerPoint file."
Huft said that Microsoft is not aware of any attacks that take advantage of the bug, but with code now in circulation on public Web sites like Securitydot.net, the attack is easily available to attackers.
Her blog entry can be found here.
Security vendor Secunia rates the flaw as highly critical because it could be exploited to gain accessed to a fully patched Windows system.
The flaw affects PowerPoint 2000, PowerPoint 2002 and PowerPoint 2003, as well as many versions of the Office suite, Secunia said. Its security advisory can be found here.
Hackers have been keeping Microsoft's security team extremely busy over the past month, and Office in particular has been the focus of their efforts. On Tuesday, Microsoft released the largest number of bug fixes in recent memory patching 26 flaws in its Windows, Office and .Net framework products.
Get the independent advice and expertise you need to support a virtual workforce.
The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.
Download now »
Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.
Download now »
A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.
Download now »
Sign up to receive InfoWorld Resource Alerts
Recommend This
