Microsoft to Release PowerPoint Patch by August 8, 2006

InformationWeek is reporting Microsoft is slated to release a patch in response to an zero-day bug discovered in PowerPoint recently.  The bug has been exploited by a Trojan horse called PPDDropper.b:

The attack is carried out by a Trojan horse with the moniker “PPDDropper.b,” which hides inside a malicious PowerPoint file attached to an e-mail with a Google Gmail return address. PPDDropper.b, in turn, drops a backdoor component, dubbed “Bifrose.e”by Symantec. Bifrose.e then injects a malicious routine into Windows’ EXLORER.EXE process, and overwrites the malformed PowerPoint file with a new, clean presentation document.

Microsoft has had to issue patches for both Word 2003 and Excel 2003 in response to dangerous vulnerabilities.  The Excel bug was very similar in nature to the PowerPoint bug, and was even exploited by the same type of Trojan horse.  The PowerPoint bug, however, is present in versions 2000, 2002 and 2003.

In an advisory published July 17, 2006, Microsoft warns users not open Office files unless you’re expecting them:

Do not open or save Microsoft Office files that you receive from un-trusted sources or that you received unexpectedly from trusted sources.

The InformationWeek article suggests using PowerPoint Viewer to view presentations you may need to open.  You can download PowerPoint Viewer 2003 from Microsoft by following this link.

**Update** Click here to learn more about the security update that patches this exploit and downloading options on microsoft.com.

Add to Google

Advertisements
Explore posts in the same categories: bug, Excel, InformationWeek, Microsoft, Microsoft PowerPoint, Microsoft Security Advisory, Office 2003, Patch, PowerPoint, Random Thoughts, Trojan horse, Word

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: