Powerpoint vulnerability (August 2006)



I’m having to make sure I put the date in the title of these posts now…. over the weekend there were rumors of a new powerpoint vulnerability. Sans had an early notice of some trojan droppers using powerpoint files. And by the 20th (Sunday) it was being called a 0-day. There is a good FAQ over at securiteam.com.


It sounds kind of like what you’d expect… “specially crafted Powerpoint file leads to code execution.” There’s no details of which versions of Powerpoint, but I wonder if it may go back to the Office 97 era Powerpoint since the affected operating systems in the FAQ go back to Windows 95 (Was it possible to load Powerpoint 2000 on Windows 95… I guess it may have been.) There doesn’t yet seem to be any word from Microsoft on the issue. The bottom line here is to be cautious with files downloaded from unkown/unexpected and untrusted sources.

Update 8/24/06

According to Microsoft via betanews this is NOT a zero-day exploit and is an issue that’s already been fixed. In other words, if you’re up to date on your office updates you should be ok.

Related Posts

Blog Traffic Exchange Related Posts
  • Lotus Notes WMF vulnerability This is really the same zero-day wmf vulnerability, but there is a twist. It's been found that Lotus Notes v. 6.x and up are vulnerable to the Windows Meta File (WMF) exploit that's making the rounds. Probably not surprising given that there are reports of many vectors of attack, not......
  • Ron Ads NetupBanner Popups and Invalid Image file c:\windows\system32\nolomipu.dll Here are some notes from a recent spyware cleanup. The system came in and there were complaints that "Ron Ads by NetupBanner" kept coming up all the time as well as popups claiming that the dll c:\windows\system32\nolomipu.dll is not a valid windows image - mismn.exe bad image. I ran malwarebytes......
  • Bad malware storms brewing ADTMAG.com has an interesting article talking of the convergance of spyware and more sophisticated phishing attacks. They talk about the convergance of viruses and spam engines that happened in 2003 as a real shift in the dynamic of WHERE junk mail was coming from. Today botnets account for about 90%......
Blog Traffic Exchange Related Websites
  • 12/22 - ETF Trading - Gain on EWH A small gain on our EWH trade: our etf exit signals triggered yesterday with a positive close. We gained .80% on EWH We have made 33 winning trades out of 41 for the year. That’s a winning percentage of better than 80%. Our goal is to produce more winning trades......
  • Things to Have Removed from your Credit Report pt 2 Continued from part 1. 3 - Charge Offs. When you do not pay off a credit card account or a loan account for a period of three to six months, your creditors are generally going to assume that your account is non collectible, or that it is in default. When......
  • Windows Mobile 7 coming in 2010 Microsoft is planning to launch new mobile OS, 7 (branded as Seven) to challenge the Google's Android and Apple's iPhone OS. Windows series 7 OS is to be shipped in two flavors: one for OEM and business customers, and a media-oriented version for consumers called the Media Edition. Both versions......
Edit PDF    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site