Microsoft is warning of attacks on their presentation software application, PowerPoint. Just by opening PowerPoint, a user can infect his computers and possibly other connected computers.
Microsoft issued Security Advisory 969136
An attacker could gain the same user rights as the local user. Users who operate with full administrative user rights are especially vunerable.
In a Web attack scenario, all an attacker would have to do is host a Web site that contains an a vunerable Office file. Web sites and Web sites that accept or host user-provided content could could be more vunerable . Note: an attacker would have to coax users to visit the Web site and click on a an affected PowerPoint link.
Email Note: The attack can not be automated through e-mail. A user must open an infected PowerPoint attachment that is sent in an e-mail message.
PowerPoint users in the U.S. and Canada who believe they are affected can receive technical support from Security Support or 1-866-PCSAFETY. There is no charge for support calls that are associated with security updates. For more information about available support options, see Microsoft Help and Support.
Affected Software:
Microsoft Office PowerPoint 2000 Service Pack 3
Microsoft Office PowerPoint 2002 Service Pack 3
Microsoft Office PowerPoint 2003 Service Pack 3
Microsoft Office 2004 for Mac
Non-affected Software
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint 2007 Service Pack 1
Microsoft Office PowerPoint Viewer 2003
Microsoft Office PowerPoint Viewer 2007
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
