PowerPoint Zero-Day Poses "Severe" Threat
Microsoft has warned customers of the "severe" threat posed by an as yet unpatched PowerPoint vulnerability.
The vulnerability affects versions of PowerPoint running on Windows and Apple OS X, security-vendor McAfee has reported.
The stark warning came this morning as Microsoft posted a security advisory and new entry on its Malware Protection Centre website.
"Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file," the advisory reads. "At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."
That's reassuring. Unless you're the one being targeted.
As a fantastically practical mitigation strategy, Microsoft recommends users don't open PowerPoint files that arrive unexpectedly, either from trusted contacts or stranger dangers.
Users who really must open unexpected PowerPoint deliveries can use the Microsoft Office Isolated Conversion Environment, or MCOIE. That software performs sanity-checks on Microsoft binary formats, converting them to known-safe files. "[The] MOICE will protect Office 2003 installations by more securely opening Word, Excel, and PowerPoint binary format files," the company says.
Vendors are rolling out sigs as we speak.
Microsoft has posted an excellent write-up here.
Public satellite imagery yields a wealth of intelligence...2 days 10 hours ago
Awesome feature track this week. Check it out here!2 days 10 hours ago
Special guests The Grugq, Singe, Charl and Andrew...1 week 3 days ago
Pwnage! Malware! Cats and dogs living together!1 week 3 days ago
All your herp derps are belong to RPTs...3 weeks 3 days ago
- Love the Das Efx tribute.
10 weeks 3 days ago
- LOL so no comment by Adobe's
11 weeks 5 days ago
- Welcome back, great stuff as
14 weeks 2 days ago
- AEDs are very accurate and
20 weeks 5 days ago
- I did see that after we
21 weeks 15 hours ago
- Great podcast, a small
21 weeks 5 days ago
- Peck of pickled peppers? We
24 weeks 4 days ago
- Link to Sophail: Applied
27 weeks 2 days ago
- Fixed. I got autocorrected...
29 weeks 3 days ago
- it's jduck, not duck
29 weeks 3 days ago