Apr 03 2009
Alert: Powerpoint flaw used for Trojan attacks
A newly discovered Powerpoint flaw is being exploited “in the wild” to install malicious software on victim’s machines. The exploit relies on tricking users into opening an infected email attachment or opening an infected PowerPoint file hosted on a web site.
All major antivirus vendors should have protection in place by now. Still, the usual caution applies: Do not open any file from an untrusted source. Ever.
Here are the high points:
- Office 2007 is unaffected. Earlier versions are vulnerable (Office 2003, Office XP, Office 2000).
- Office 2004 for the Mac is vulnerable; Office 2008 for Mac is safe.
- The PowerPoint Viewer is not vulnerable.
- Microsoft is working on a patch for this issue.
Further reading: The Register posted a good overview this morning. Also, check out Microsoft’s official security advisory.