TweakTown
Tech content trusted by users in North America and around the world
6,070 Reviews & Articles | 38,989 News Posts

New Zero-Day Flaw for PowerPoint 2003

Remote Code execution by modded PowerPoint files

| Posted: Apr 3, 2009 3:16 pm

Looks like PowerPoint users need to be careful. There is a new attack that uses a modified power point presentation to execute remote code.

 

The attack works by attempting to access an invalid object in memory, which then paves the way for the malicious code.

 

Microsoft has released an advisory on this but has also said this attack seems to be targeted at specific victims.

 

The flaw affects PowerPoint 2003.

 

Details can be found here

 

New Zero-Day Flaw for PowerPoint 2003
Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability.

 

We are actively working with partners in our Microsoft Active Protections Program (MAPP) and our Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers.

 

Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.

 

Related Tags

Further Reading: Read and find more news at our news index page.

Do you get our news RSS feed? Get It!

Got an opinion on this news? Post a comment below!

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases