TweakTown
Tech content trusted by users in North America and around the world
5,937 Reviews & Articles | 38,247 News Posts

New Zero-Day Flaw for PowerPoint 2003

Remote Code execution by modded PowerPoint files

| Posted: Apr 3, 2009 3:16 pm

Looks like PowerPoint users need to be careful. There is a new attack that uses a modified power point presentation to execute remote code.

 

The attack works by attempting to access an invalid object in memory, which then paves the way for the malicious code.

 

Microsoft has released an advisory on this but has also said this attack seems to be targeted at specific victims.

 

The flaw affects PowerPoint 2003.

 

Details can be found here

 

New Zero-Day Flaw for PowerPoint 2003
Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

 

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.

 

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

 

Related Tags

Further Reading: Read and find more news at our news index page.

Do you get our news RSS feed? Get It!

Post a Comment about this news

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases