iTWire - Beware of malware-loaded PowerPoint files

IT&T JOBS|Discussion forum|Technology Events|IT Education|

Today on iTWire IT News Telecommunications People Our Blogs Tech Lifestyle Releases Science Sustainability MyProfile Whitepapers

Daily ICT Newsletter FREE TRIAL

Follow the Australian Telecommunications scene NEWSLETTER- FREE TRIAL

Technology news and Jobs

Information Technology News

Beware of malware-loaded PowerPoint files

Beware of malware-loaded PowerPoint files

E-mail

by Stephen Withers
Monday, 06 April 2009
A fresh wave of malicious documents are being used in targeted attacks on Microsoft Office users. This time, PowerPoint is the vehicle. Featured Whitepaper 5 Best Practices for Smartphone Support Microsoft warned late last week of "limited and targeted attacks" attempting to exploit an unpatched vulnerability in several versions of PowerPoint. Opening a maliciously crafted PowerPoint file can result in the execution of remote code. According to Microsoft's Security Research and Defense blog, the malware targeting this vulnerability is the first reliable exploit for Office SP3 with the latest security updates. Also affected by the vulnerability are PowerPoint 2000, 2002 and 2004. PowerPoint 2007 is not affected. Microsoft officials say that several different exploit files have been seen, but so far they have only been used for targeted attacks. When the malicious documents are opened, they attempt to drop additional malware onto the computer. Microsoft's Bill Sisk said the company "Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs." The next monthly update is scheduled for Tuesday April 14. Workarounds include blocking the use of binary PowerPoint files in favour of the XML based .pptx and related formats, or forcing binary PowerPoint files to open in MOICE (Microsoft Isolated Conversion Environment). That tool does not have the vulnerability that's being exploited, and therefore can be safely used to convert binary PowerPoint files to their Office Open XML equivalent. Microsoft has updated Windows Live OneCare and Forefront to detect the exploit files. The company is working with other security vendors to provide broader detection. Tags See All Tags Exploit Mac OS X Malware Microsoft Microsoft Office Security Software Stephen Withers Vulnerability Windows Powered By Joomla Tags Please enable JavaScript in your browser to post your comment!

< Next story in category		Previous story in the category >

Sponsored Releases

Internet Security Predictions for 2010 from AVG (AU/NZ)

Frost & Sullivan Awards Websense Australian Secure Content Management Vendor of The Year

TANDBERG Awarded Australia Video Conferencing Vendor Of The Year By Frost & Sullivan

World Leader in IT Power Management Appoints Channel Partner for South Pacific

MicroStrategy Reporting Suite Provides Seamless BI Reporting for Microsoft Analysis Services

Thunderhead Appoints Phil Walker as Managing Director of Asia Pacific and Europe

Heathrow Airport Terminal 5 Live with Progress Software

...Promote your press-releases here

Latest jobs

	Visitors last 30 days	694,279
	Subscribers	15,210

#1 independent technology news advertise here

- Advertisement -

Featured Whitepapers

	5 Best Practices for Smartphone Support Worldwide shipments of smartphones reached a high of nearly 40 million units in the third quarter of 2008, helping to grow the category by 28% from the same quarter last year.
	Legacy Tools: Not For Today’s Helpdesk Why applications like RDP, VPNs and VNC may be costing you time, money and end-user satisfaction.

Today on iTWire

Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

website free tracking