PowerPoint Attacks Use Old Bug, Not New Flaw

Microsoft now says a recently spotted bug in PowerPoint may not be a new bug at all. Rather, it leverages a previously fixed vulnerability.



A bug in Microsoft's PowerPoint presentation maker that security researchers thought was brand new is not, Microsoft now says.

Earlier this week, several security vendors reported that PowerPoint, which was struck by exploits in July that leveraged an unpatched bug, contained another "zero-day" vulnerability which could be used in attacks against PCs. (One of the 12 security bulletins released Aug. 8 fixed the flaw that led to the July attacks.)

Nope, Microsoft said Wednesday in an entry on the company's security research center (MSRC) blog.

"This is NOT a zero day," wrote a member of the MSRC operations team identified only as "Scott." "Malware in the malicious .ppt leverages a previously fixed vulnerability in Microsoft Office to drop the payload," he added.

Oddly enough, the MSRC did not identify the patch that plugs the hole which a pair of new Trojan file droppers had used this weekend to attack Microsoft Office installations. Symantec, however, named the patch as MS06-012, which was released in March.

"After the MS06-012 patches are applied, the exploit no longer crashes Office," Symantec announced in an alert issued to customers of its DeepSight threat network. "We strongly encourage system administrators to ensure that the patches supplied in MS06-012 have been applied to all affected systems."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Email This  | 
Print  | 
RSS
More Insights
Copyright © 2020 UBM Electronics, A UBM company, All rights reserved. Privacy Policy | Terms of Service