[ insider_reports_insider ]
PowerPoint Patched, Except On Macs
SecurityProNews
Staff Writer
2009-05-15
 Insider Reports RSS Feed
Microsoft issued a patch for critical vulnerabilities in PowerPoint this week after a bit of a wait. Mac users will continue to wait, however.
 | | PowerPoint Patched, Except On Macs |  |
PowerPoint's vulnerability was widely known and there apparently were others kept under wraps until Microsoft could issue a patch. Attackers looking to take advantage of the flaw did so by tricking users into opening a PowerPoint file, either by email or other means. Opening the file allowed malicious code to be injected.
Once injected the Trojan attempts to communicate with the Windows update site as a check for an internet connection. Once an internet connection is established, the Trojan sends computer identification and location information (computer name, IP address, OS), performs a directory search, lists the contents of the system, and downloads an update or additional malware.
In short, the virus tells a hacker exactly what's on a victim's computer, and the hacker decides whether or not to take action based on that information.
Microsoft has released a patch applicable to all versions of PowerPoint back to 2000. Mac users running 2004 or 2008 versions will have to wait as the patch for those versions are still in development.
Until then security experts recommend caution when opening PowerPoint files from unknown or suspicious sources. Microsoft rates the vulnerability as critical.
View All Articles by SecurityProNews
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
