Patch Tuesday: Fix coming for PowerPoint zero-day

Patch Tuesday: Fix coming for PowerPoint zero-day

Summary: Exactly one month after malicious hackers started using rigged PowerPoint files to launch targeted attacks, Microsoft announced plans to ship a "critical" bulletin affecting its flagship presentation program.The PowerPoint update is the only bulletin scheduled for this month's Patch Tuesday on May 12, 2009 .

SHARE:

Exactly one month after malicious hackers started using rigged PowerPoint files to launch targeted attacks, Microsoft announced plans to ship a "critical" bulletin affecting its flagship presentation program.

The PowerPoint update is the only bulletin scheduled for this month's Patch Tuesday on May 12, 2009 .  It is rated "critical" (remote code execution) for all supported versions of Microsoft Powerpoint 2000 through 2007.

[ SEE: Attackers pounce on Microsoft PowerPoint zero-day ]

The full list of affected software and severity ratings is available in this Microsoft advance notification.

In a pre-patch advisory issued last month, Redmond confirmed the zero-day flaw and described the attacks as “limited and targeted,” the kind of language that suggested it was being used to steal data from corporate or government networks.

The malware associated with the attack is a Trojan dropper embedded within an exploit in .ppt or .pps data files.

Topics: Software, Collaboration, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • If history repeats

    they will fix it by not letting you open Powerpoint files.
    johnnydoe1894
  • RE: Patch Tuesday: Fix coming for PowerPoint zero-day

    Great!!! thanks for sharing this information to us!
    <a href="http://www.yuregininsesi.com">seslisohbet</a> <a href="http://www.yuregininsesi.com">seslichat</a>
    birumut