- About Future
- Digital Future
- Cookies Policy
- Terms & Conditions
- Investor Relations
- Contact Future
No rest for the weary, especially Windows users. Following the Conficker.c scare that, up to this point, hasn't lived up to the hype, a Microsoft Security Advisory (969136) warns of a newly discovered vulnerability in PowerPoint.
"Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if user opens a specially crafted PowerPoint file," said the advisory. "At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."
Microsoft said the vulnerability is caused when PowerPoint accesses an invalid object in memory when parsing a specially crafted PowerPoint file. The security hole makes it possible for attackers to gain the same user rights as the local user.
No fix is currently in place, however Microsoft indicated it may release a patch before the next monthly security update. In the meantime, PowerPoint users are advised not to open or save Office files from un-trusted sources (thanks for that gem, MS!).