Another hole found in PowerPoint

Posted by   Virus Bulletin on   Oct 19, 2006

Proof-of-concept exploit shows further bug in slideshow software

Microsoft has issued an alert over a new potential zero-day exploit in its PowerPoint presentation software. The exploit is only a proof of concept and is as yet not thought to be in use by attackers.

The new bug comes just days after the monthly Patch Tuesday updates, one of which covered a previous hole in PowerPoint. It is believed to affect only the Office 2003 version of PowerPoint, and may result in remote code execution.

Microsoft released news of the vulnerability on its security blog. Alerts have also been issued by US-CERT and by Secunia, which has rated the problem as 'highly critical'.

Posted on 19 October 2006 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Research shows web security products perform well against exploit kits

Research by Virus Bulletin, in which five web security products were served 54 live exploit kits, shows that the products blocked between 87 and 100 per cent of the kits.

Throwback Thursday: Olympic Games

In 1994, along with the Olympic Games came an Olympic virus, from a group of Swedish virus authors calling themselves ‘Immortal Riot’. We look back at Mikko Hyppönen's analysis in the VB archive.

VB2016 call for last-minute papers opened, discounts announced

Announcing the VB2016 call for last-minute papers and a number of discounts on the conference registration rate.

Guest Blog: Malicious Scripts Gaining Prevalence in Brazil

In the run up to VB2016, we invited the conference sponsors to write guest posts for our blog. In the second of this series, ESET's Matías Porolli writes about malicious Visual Basic and JavaScript gaining prevalence in Brazil.

Romanian university website compromised to serve Neutrino exploit kit

The website of the Carol Davila University of Medicine and Pharmacy has been compromised to inject a hidden iframe into the site's source code that serves the Neutrino exploit kit and may infect visitors with ransomware.