On TechRepublic: 10 ways to deal with a bad boss
BNET Business Network:
BNET
TechRepublic
ZDNet
19 TalkBacks

By Joris Evers
Posted on ZDNet News: Jul 17, 2006 11:55:00 PM

Microsoft is readying a fix for a zero-day flaw in PowerPoint that is being exploited in targeted cyberattacks, the company said Monday.

A patch is being completed and is scheduled to be released on Aug. 8, Microsoft's next "Patch Tuesday," the company said in a security advisory. The fix may be released sooner, if that is warranted, Microsoft said.

Word of the new PowerPoint flaw came last week, only a day after Microsoft released seven security bulletins with fixes for 18 flaws on its July patch day. The new PowerPoint problem could enable an attacker to gain complete control over a vulnerable PC, if a malicious file is opened by its user.

"In order for this attack to be carried out, a user must first open a malicious PowerPoint document attached to an e-mail or otherwise provided to them by an attacker," Microsoft said in its advisory.

The vulnerability affects PowerPoint 2000, PowerPoint 2002 and PowerPoint 2003. Attacks that exploit the flaw in the presentation application are "limited," Microsoft said. Typically, they have to be widespread for the company to issue a patch outside of its monthly schedule.

Some security experts believe the timing of an attack to follow right after a monthly patch day is no coincidence. Microsoft typically does not release fixes outside of its monthly patching cycle for such flaws, giving miscreants at least a month to try to profit from them.

SponsoredWhite Papers, Webcasts, and Downloads

  • Talkback
  • Most Recent of 19 Talkback(s)
Yes......
And like a broken record, is annoying as hell. (Read the rest)
Posted by: mypl8s4u2 Posted on: 07/18/06 You are currently: a Guest | | Terms of Use
Microsoft to plug PowerPoint hole  Loverock Davidson | 07/17/06
It better NOT BE, because there's been a fixed price put on it.  yogeee | 07/17/06
Soon?  Cardinal_Bill | 07/17/06
Soon!  Loverock Davidson | 07/17/06
Oh flame off.  snoobar | 07/17/06
living in fear  Loverock Davidson | 07/17/06
So...  zkiwi | 07/18/06
I am only making a on observation here, but looking  michael_t | 07/18/06
Just wanted to be sure...  Cardinal_Bill | 07/17/06
You still sound unsure  Loverock Davidson | 07/17/06
Dodge and weave!  DangDaCommonCentz | 07/18/06
Why would I  Loverock Davidson | 07/18/06
Open Office....  mypl8s4u2 | 07/18/06
Another waiting game.  Mr. Roboto | 07/17/06
AGAIN!!!  Intellihence | 07/17/06
there's a difference between them and a record though...  Monkey_MCSE | 07/17/06
Yes......  mypl8s4u2 | 07/18/06
what's the hurry you guys? Take a break, go to some sea resort and kick bac  michael_t | 07/17/06
zero-day flaw in PowerPoint  not of this world | 07/18/06

What do you think?

advertisement
advertisement

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here