We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

PowerPoint zero-day threat appears

Proof-of-concept code goes public

New proof-of-concept code targeting an unpatched vulnerability in Microsoft Office 2003 PowerPoint has become publicly available.

The new vulnerability was rated as "highly critical" by security firm Secunia, which described the flaw as being caused by an "unspecified error when processing PowerPoint presentations”.

A Microsoft Security Response Center blog posting said the company is aware of the proof-of-concept code. "The reported proof-of-concept may allow an attacker to execute code on a user's machine by convincing them to open a specially crafted PowerPoint file," the blog post said. It went on to note that Microsoft is monitoring the situation and is not aware of any actual attacks attempting to take advantage of the flaw.

Ken Dunham, director of the rapid response team at Versign's iDefense business unit, said attacks against the flaw are "increasingly likely" with the availability of public exploit code.

Attacks to date against PowerPoint and Office based vulnerabilities have been "highly targeted and sophisticated" he said.

Reports of the new flaw comes just three days after Microsoft rolled out patches for more than two dozen vulnerabilities in one of its largest-ever monthly security updates. Sixteen of the flaws patched this week were discovered in application software products. Exploits against many of those flaws - including one in PowerPoint - were already available before Microsoft's patch.


IDG UK Sites

Best Black Friday 2014 tech deals: Get bargains on smartphones, tablets, laptops and more

IDG UK Sites

What the Internet of Things will look like in 2015: homes will get smarter, people might get fitter

IDG UK Sites

Artist creates a geometric rave in a chapel for The House of St Barnabus

IDG UK Sites

Mac mini (Late 2014) 1.4 GHz review: Mac mini is sort of upgradable, but is it any good as it is?