Old PowerPoint formats become dangerous
Microsoft warns about cases of hacker attacks through PPT files of older versions. The specialists of the company learned about the presence of a new hole after the fact, after the appearance of the exploit (even several exploits ) and after the start of the distribution of infected files. That is, it is a zero-day type vulnerability for which there is no patch yet.
The vulnerability affects the file formats PowePoint 2000 SP3, 2002 SP3 and 2003 SP3, as well as Office 2004 for Mac. After opening the infected file, PowerPoint accesses the “wrong” object in the main memory, after which the malware obtains the right to execute any code and starts downloading trojans from the Internet.
According to Microsoft, hacker attacks have not yet become widespread, but are aimed only at strictly defined people. Microsoft does not promise to release a separate patch and does not even promise to include its patch in the monthly cumulative patch on April 14 (after all, we are talking about old versions of programs). Ordinary users can only use the Microsoft Office Isolated Conversion Environment (MOICE) utility to convert files to the Office 2007 format , and also activate the Microsoft Office File Block option in the Windows registry to restrict the opening of files of versions Office 2003 and earlier.
Recall that five weeks ago a similar zero-day vulnerability was discovered for Excel. Ordinary users of MS Office programs ask themselves a natural question: when will this end? According to experts - never. Because Microsoft is not able to fully test all old versions of MS Office formats, but is required to maintain backward compatibility with them.
via ZDNet UK
The vulnerability affects the file formats PowePoint 2000 SP3, 2002 SP3 and 2003 SP3, as well as Office 2004 for Mac. After opening the infected file, PowerPoint accesses the “wrong” object in the main memory, after which the malware obtains the right to execute any code and starts downloading trojans from the Internet.
According to Microsoft, hacker attacks have not yet become widespread, but are aimed only at strictly defined people. Microsoft does not promise to release a separate patch and does not even promise to include its patch in the monthly cumulative patch on April 14 (after all, we are talking about old versions of programs). Ordinary users can only use the Microsoft Office Isolated Conversion Environment (MOICE) utility to convert files to the Office 2007 format , and also activate the Microsoft Office File Block option in the Windows registry to restrict the opening of files of versions Office 2003 and earlier.
Recall that five weeks ago a similar zero-day vulnerability was discovered for Excel. Ordinary users of MS Office programs ask themselves a natural question: when will this end? According to experts - never. Because Microsoft is not able to fully test all old versions of MS Office formats, but is required to maintain backward compatibility with them.
via ZDNet UK