Microsoft reacted to the growing attacks using unpatched exploits against its Office suite by issuing a security advisory Monday that gave users one piece of advice: don't open or save unexpected Office files, even those received from trusted sources.

The advisory also promised that a patch for the most recently-attacked Office application, PowerPoint, will be issued no later than August 8.

"The security updateis on schedule to be released as part of the August security updates, or sooner as warranted," the advisory read. August 8 is the next regularly-scheduled patch day for the Redmond, Wash. developer.

Occasionally, Microsoft goes "out of cycle" to produce patches earlier than planned. The last time it did so was in January, when it rushed a fix for a flaw in the Windows Metafile image format which was being used by thousands of Web sites to infect users with spyware.

PowerPoint 2000, 2002, and 2003 are vulnerable to the latest exploits, Microsoft acknowledged. Previously, only PowerPoint 2003 had been identified as at risk by security vendors.

Last week, attacks exploiting a zero-day bug in PowerPoint were disclosed by security companies such as Symantec, which noted that the attacks were very similar to ones in June against Excel. Both began with Chinese-language spam e-mail, for instance, and relied on a Trojan-backdoor combination to take control of victimized PCs. Like the Excel attacks the month before, the July PowerPoint exploits appeared within days of Microsoft's monthly patches.

Although Microsoft downplayed the threat by reminding users that they would have to open a malicious PowerPoint document to come under attack, a security analyst recommended Office users take care.

"Everyone needs to exercise caution over which files they choose to open," said Graham Cluley, a senior analyst with U.K.-based Sophos, in a statement Tuesday.

Other than its advice not to open unexpected Office documents, Microsoft had no other workarounds for users. Its PowerPoint Viewer 2003 application, however, which opens presentations for viewing only, is not vulnerable to attack, and in a pinch can be used to open, but not work on, .ppt files, said Microsoft.