PowerPoint Zero-Day Poses "Severe" Threat

Microsoft has warned customers of the "severe" threat posed by an as yet unpatched PowerPoint vulnerability.

The vulnerability affects versions of PowerPoint running on Windows and Apple OS X, security-vendor McAfee has reported.

The stark warning came this morning as Microsoft posted a security advisory and new entry on its Malware Protection Centre website.

"Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file," the advisory reads. "At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."

That's reassuring. Unless you're the one being targeted.

As a fantastically practical mitigation strategy, Microsoft recommends users don't open PowerPoint files that arrive unexpectedly, either from trusted contacts or stranger dangers.

Users who really must open unexpected PowerPoint deliveries can use the Microsoft Office Isolated Conversion Environment, or MCOIE. That software performs sanity-checks on Microsoft binary formats, converting them to known-safe files. "[The] MOICE will protect Office 2003 installations by more securely opening Word, Excel, and PowerPoint binary format files," the company says.

Vendors are rolling out sigs as we speak.

Microsoft has posted an excellent write-up here.