We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,821 News Articles

PowerPoint zero-day threat appears

Proof-of-concept code goes public

New proof-of-concept code targeting an unpatched vulnerability in Microsoft Office 2003 PowerPoint has become publicly available.

The new vulnerability was rated as "highly critical" by security firm Secunia, which described the flaw as being caused by an "unspecified error when processing PowerPoint presentations”.

A Microsoft Security Response Center blog posting said the company is aware of the proof-of-concept code. "The reported proof-of-concept may allow an attacker to execute code on a user's machine by convincing them to open a specially crafted PowerPoint file," the blog post said. It went on to note that Microsoft is monitoring the situation and is not aware of any actual attacks attempting to take advantage of the flaw.

Ken Dunham, director of the rapid response team at Versign's iDefense business unit, said attacks against the flaw are "increasingly likely" with the availability of public exploit code.

Attacks to date against PowerPoint and Office based vulnerabilities have been "highly targeted and sophisticated" he said.

Reports of the new flaw comes just three days after Microsoft rolled out patches for more than two dozen vulnerabilities in one of its largest-ever monthly security updates. Sixteen of the flaws patched this week were discovered in application software products. Exploits against many of those flaws - including one in PowerPoint - were already available before Microsoft's patch.


IDG UK Sites

5 things we want to see in Android M: New features and fixes

IDG UK Sites

iPad mini 3 release date rumours: 'iPad mini Air' will be 30 percent thinner than current model

IDG UK Sites

Introducing generation tech

IDG UK Sites

This animated film reveals the importance of designing for everyone