Microsoft plans PowerPoint zero-day patch

By Bill Brenner, Senior News Writer
18 Jul 2006 | SearchSecurity.com

Microsoft has determined that the recently discovered Microsoft PowerPoint flaws are serious enough to merit a fix in time for the next "Patch Tuesday," if not sooner.

The software giant released an advisory Monday confirming the existence of a zero-day flaw affecting PowerPoint 2000, 2002 and 2003, which attackers have actively exploited since last week.

"Microsoft is completing development of a security update for Microsoft PowerPoint that addresses this vulnerability," the software giant said. "The security update is now being finalized through testing to ensure quality and application compatibility and is on schedule to be released as part of the August security updates on Aug. 8, 2006, or sooner as warranted."

The exploit arrives by email as a Microsoft PowerPoint document attachment, Cupertino, Calif.-based antivirus giant Symantec Corp. warned last week in an advisory sent to customers of its DeepSight Threat Management System. When an end-user opens the PowerPoint document, the vulnerability is triggered and attackers are then able to run malicious code on a victim's machine.

"The vulnerability occurs when PowerPoint handles a specially malformed .ppt file, most likely exploiting an issue in the 'MSO.DLL' library file," Symantec said, adding that the flaw was being targeted by malicious code identified as Trojan.PPDropper-B.

The zero-day flaw came to light within a couple of days of Microsoft's July patch update, which fixed eight different holes in Microsoft Excel as well as additional flaws in Microsoft Office. Soon after, security holes were also found in PowerPoint.

Danish vulnerability clearinghouse Secunia issued an advisory Tuesday warning of a new PowerPoint flaw in addition to the previously reported flaws.

"The vulnerability is caused due to the application using data taken directly from a PowerPoint presentation file as a pointer when saving or closing the presentation," Secunia said. "This can be exploited to corrupt memory and manipulate the program flow in various ways."

The firm said successful exploitation crashes the application and potentially lets an attacker launch malicious code, though the latter hasn't been proven. Secunia confirmed the flaw on a fully patched Windows XP SP2 machine running Microsoft PowerPoint 2003.

Until it issues a security bulletin, Microsoft's advice is that users not open or save Microsoft Office files that come from untrusted sources or are received unexpectedly from trusted sources.
