New exploits target Microsoft's PowerPoint, IE

Microsoft may have patched the VML flaw in Internet Explorer, but now it faces new threats against the Web browser and PowerPoint.

Barely a day after Microsoft patched the Vector Markup Language (VML) flaw in Internet Explorer, the company was forced to acknowledge a new zero-day attack against PowerPoint. Meanwhile, exploit code has been released for another Internet Explorer flaw.

"Microsoft is investigating new public reports of limited 'zero-day' attacks using a vulnerability in PowerPoint 2000, PowerPoint 2002, Office PowerPoint 2003, PowerPoint 2004 for Mac, and PowerPoint 2004 [version] X for Mac," Microsoft said in an advisory.

But for the attack to succeed, Microsoft noted, "a user must first open a malicious PowerPoint file attached to an email or otherwise provided to them by an attacker."

More on security threats
Tips for handling security threats

Microsoft releases Office, Windows fixes
Microsoft said it will take steps to address the threat once it concludes the investigation. "This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs," the company said.

The French Security Incident Response Team (FrSIRT) said in an advisory that the flaw is in how malformed PowerPoint documents are handled. Attackers could exploit the flaw to run arbitrary commands on a targeted machine by tricking a user into opening a specially crafted document.

Two pieces of malware are actively exploiting the security hole: Trojan.Controlppt-W and Trojan.Controlppt-X, also known as PPDropper-F and Exploit-PPT-d.

Until a patch is released, Microsoft recommends users mitigate the threat by:

  • Using PowerPoint Viewer 2003 to open and view files. PowerPoint Viewer 2003 does not contain the vulnerable code and is not susceptible to this attack.
  • Not opening or saving PowerPoint files received from untrusted sources, since the flaw could be exploited when a user opens a specially crafted PowerPoint file.

Meanwhile, Metasploit Framework creator H.D. Moore has discovered a flaw in Internet Explorer that attackers could exploit via malicious Web sites. Attackers could corrupt computer memory when the user visits one of these sites.

Danish vulnerability clearinghouse Secunia confirmed the flaw on a fully patched system with Internet Explorer 6.0 and Microsoft Windows XP SP2 and noted that exploit code is publicly available.

"The vulnerability is caused due to an integer overflow error in the 'setSlice()' method in the 'WebViewFolderIcon' ActiveX control," Secunia said in an advisory. "This can be exploited to corrupt memory when visiting a malicious Web site."

Secunia said only trusted Web sites should be allowed to run ActiveX controls.

This article originally appeared on SearchSecurity.com.

Dig deeper on Security and risk management for Small Business

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close