«
»

Powerpoint vulnerability (August 2006)



I’m having to make sure I put the date in the title of these posts now…. over the weekend there were rumors of a new powerpoint vulnerability. Sans had an early notice of some trojan droppers using powerpoint files. And by the 20th (Sunday) it was being called a 0-day. There is a good FAQ over at securiteam.com.


It sounds kind of like what you’d expect… “specially crafted Powerpoint file leads to code execution.” There’s no details of which versions of Powerpoint, but I wonder if it may go back to the Office 97 era Powerpoint since the affected operating systems in the FAQ go back to Windows 95 (Was it possible to load Powerpoint 2000 on Windows 95… I guess it may have been.) There doesn’t yet seem to be any word from Microsoft on the issue. The bottom line here is to be cautious with files downloaded from unkown/unexpected and untrusted sources.

Update 8/24/06

According to Microsoft via betanews this is NOT a zero-day exploit and is an issue that’s already been fixed. In other words, if you’re up to date on your office updates you should be ok.

Popularity: 1% [?]

PDF Printer    Send article as PDF   
Blog Traffic Exchange Related Posts
  • Microsoft October 2006 patch Tuesday The first thing I should mention is that this months update from Microsoft is the last for XP SP1 users should plan a migration path to SP2 to keep getting updates to XP. Multiple vulnerabilities this month have been patched in Office There are 4 advisories, but a total of......
  • The security of remote tech support (ultravnc sc or x11vnc with wrapper script) Well, I've got a nice way of doing "easy" one click (or one cut and paste) light desktop support for windows or linux, one uses ultravnc sc, the other uses x11vnc with a special wrapper script. So, what security flaws are there in this process? Well, for starters, I see......
  • Bad malware storms brewing ADTMAG.com has an interesting article talking of the convergance of spyware and more sophisticated phishing attacks. They talk about the convergance of viruses and spam engines that happened in 2003 as a real shift in the dynamic of WHERE junk mail was coming from. Today botnets account for about 90%......
Blog Traffic Exchange Related Websites
  • Microsoft to Improve User Access Control in Windows 7 I was just reading a Slashdot article about Microsoft improving User Access Control (UAC) in Windows 7. In the cited PC Pro article, Microsoft engineer Ben Fathi says: We've heard loud and clear that you are frustrated. You find the prompts too frequent, annoying, and confusing. We still want to......
  • My Bankruptcy Papers document.write(''); Bankruptcy is a legal court process that gives debtors a fresh financial start. Through bankruptcy, debts may be eliminated or a debtor may be given additional time to repay debts. Certain debts are not forgiven through bankruptcy. For example, child support, spousal support and some student loans are......
  • These Wordpress Plugins May help Wordpress Plugins You May Need Image by teddy-rised via Flickr I have been asked many different times from new bloggers what plugins they should use. I think a big part of it comes down to personal taste.  While there are some essentials many of them are just add-on plugins......

Similar Posts


This entry was posted on Tuesday, August 22nd, 2006 at 11:59 am and is filed under Computers, Security, Security-Vulnerabilities, Windows Software, Windows Tech Support. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.

Switch to our mobile site