Microsoft’s PowerPoint Contains New Security Bug

According to an alert from Microsoft issued on April 2, 2009, computer attackers are using specially crafted Microsoft PowerPoint presentation files to exploit unpatched security flaw that is effectively harming the company's presentation software.

Microsoft explains that a successful attack requires the victim to view a corrupt PowerPoint file, while the file could come to him by an e-mail.

Presently, attackers are exploiting the security flaw only in targeted attacks where the malware involved is a Trojan downloader embedded inside an attack code within .pps and .ppt data files.

Furthermore, Microsoft says through its security advisory that the flaw becomes active when PowerPoint software in Microsoft Office Suite connects to an invalid object inside memory, during the parsing of a file that is specially crafted with PowerPoint. With such conditions, the attacker is able to run any code he chooses, as reported by eWeek on April 2, 2009.

However, running of an arbitrary code might lead to the download of malware on the hijacked computer. The advisory points out that the newly found security flaw affects Microsoft Office PowerPoint 2003 Service Pack 3, 2002 Service Pack 3, 2000 Service Pack 3, and Microsoft Office 2004 for Mac.

Moreover, there is no indication when a security update would be ready to patch the flaw. In the meantime, Microsoft has launched its security response process that involves the company's own efforts as well as its collaboration with partner agencies, supplying anti-malware software, to actively detect the vulnerable parts of the exploit. When this process finishes, Microsoft would release a security bulletin containing the patches, but this could take a number of months.

Security experts have commented that traditionally, Microsoft categorizes security flaws in Office applications as non-critical.

Hence, Microsoft recommends that users of Microsoft's Office to avoid saving or opening files, even if they arrive from reliable sources. These files might be maliciously spoofed, leading to malware installation that could breach the end-user's security.

Bill Sisk, Communications Manager, Microsoft Security Response Center (MSRC), states that Microsoft will certainly take essential steps to protect its customers from the threat, as reported by eWeek on April 2, 2009.

Related article: Microsoft Patches Live OneCare to Tackle Quarantined E-Mails

» SPAMfighter News - 4/7/2009