Powerpoint vulnerability (August 2006)



I’m having to make sure I put the date in the title of these posts now…. over the weekend there were rumors of a new powerpoint vulnerability. Sans had an early notice of some trojan droppers using powerpoint files. And by the 20th (Sunday) it was being called a 0-day. There is a good FAQ over at securiteam.com.


It sounds kind of like what you’d expect… “specially crafted Powerpoint file leads to code execution.” There’s no details of which versions of Powerpoint, but I wonder if it may go back to the Office 97 era Powerpoint since the affected operating systems in the FAQ go back to Windows 95 (Was it possible to load Powerpoint 2000 on Windows 95… I guess it may have been.) There doesn’t yet seem to be any word from Microsoft on the issue. The bottom line here is to be cautious with files downloaded from unkown/unexpected and untrusted sources.

Update 8/24/06

According to Microsoft via betanews this is NOT a zero-day exploit and is an issue that’s already been fixed. In other words, if you’re up to date on your office updates you should be ok.

Related Posts

Blog Traffic Exchange Related Posts
  • Remote tech support with anything - would I do it? I've tried to ask myself if I'd trust someone enough to let them run a remote session on my own desktop to solve a problem. I think the answer is "it depends". If you think about it, I do tech support for home users quite a bit and they let......
  • Lotus Notes WMF vulnerability This is really the same zero-day wmf vulnerability, but there is a twist. It's been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that's making the rounds. Probably not surprising given that there are reports of many vectors of attack, not......
  • Microsoft October 2006 patch Tuesday The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of......
Blog Traffic Exchange Related Websites
  • Crossbow Hunting May See Rule Changes by Game Commission As far as sports go, hunting and ping pong really have nothing alike. However, hunters who are preparing to enjoy the 2009 archery hunting season have been forced to watch a rather tedious series of parries as the Game Commission's board of directors lodge a series of serve and return......
  • My Bankruptcy Papers document.write(''); Bankruptcy is a legal court process that gives debtors a fresh financial start. Through bankruptcy, debts may be eliminated or a debtor may be given additional time to repay debts. Certain debts are not forgiven through bankruptcy. For example, child support, spousal support and some student loans are......
  • Angie's List: Any Good? Longtime readers know that while I live near San Francisco, my wife and I own rental properties in Boston. We didn't set out to buy them as an income stream. She owned her place before she met me. I bought my place soon after we started dating. While neither one......
PDF    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site