I bet Microsoft just wishes that September would hurry up and end; it certainly has been a month full of vulnerabilities and exploits. The newest one affects Microsoft’s PowerPoint, or more specifically Microsoft PowerPoint 2000, Microsoft PowerPoint 2002, Microsoft Office PowerPoint 2003, Microsoft PowerPoint 2004 for Mac, and Microsoft PowerPoint v. X for Mac.
For the attack to work, the user must open a malicious PowerPoint file, whether it arrives by email or is otherwise delivered by the attacker. The only workarounds currently are to use PowerPoint Viewer 2003 to open and view files, as the viewer does not contain the vulnerable code, and, of course, not to open any PowerPoint files from untrusted sources. From Microsoft:
- An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
- In a Web-based attack scenario, an attacker would have to host a Web site that contains a PowerPoint file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s site.
- The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.
- Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a document.
“Hackers are showing increasing ingenuity in their attempts to break into innocent users’ computers, and are always on the hunt for exploitable bugs in commonly used programs,” said Cluley.
“PowerPoint is the standard business tool for presentations, underlining that all computer users need to show great caution when handling unsolicited email attachments.”
As always, let’s be careful out there.