informa
/
1 MIN READ
News

PowerPoint Attacks Use Old Bug, Not New Flaw

Microsoft now says a recently spotted bug in PowerPoint may not be a new bug at all. Rather, it leverages a previously fixed vulnerability.
A bug in Microsoft's PowerPoint presentation maker that security researchers thought was brand new is not, Microsoft now says.

Earlier this week, several security vendors reported that PowerPoint, which was struck by exploits in July that leveraged an unpatched bug, contained another "zero-day" vulnerability which could be used in attacks against PCs. (One of the 12 security bulletins released Aug. 8 fixed the flaw that led to the July attacks.)

Nope, Microsoft said Wednesday in an entry on the company's security research center (MSRC) blog.

"This is NOT a zero day," wrote a member of the MSRC operations team identified only as "Scott." "Malware in the malicious .ppt leverages a previously fixed vulnerability in Microsoft Office to drop the payload," he added.

Oddly enough, the MSRC did not identify the patch that plugs the hole which a pair of new Trojan file droppers had used this weekend to attack Microsoft Office installations. Symantec, however, named the patch as MS06-012, which was released in March.

"After the MS06-012 patches are applied, the exploit no longer crashes Office," Symantec announced in an alert issued to customers of its DeepSight threat network. "We strongly encourage system administrators to ensure that the patches supplied in MS06-012 have been applied to all affected systems."

Editor's Choice
Brian T. Horowitz, Contributing Reporter
Samuel Greengard, Contributing Reporter
Nathan Eddy, Freelance Writer
Brandon Taylor, Digital Editorial Program Manager
Jessica Davis, Senior Editor
Cynthia Harvey, Freelance Journalist, InformationWeek
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing