Powerpoint


Microsoft Struts Office 2010 ‘Sandbox’ Security

From Computerworld (Gregg Keizer)
Microsoft’s plan to “sandbox” documents in the next version of Office looks like a “very good step forward,” according to one security analyst.
Last week, Microsoft revealed more details about a new security feature in Office 2010, dubbed “Protected View,” that is designed to shut down the popular hacker tactic of feeding users rigged Word, Excel and PowerPoint files.  Read the full story [computerworld.com]


By Eric Schultze

Microsoft patched all Windows versions of PowerPoint today — addressing both a zero-day flaw [microsoft.com] and 13 other privately reported security vulnerabilities.   The zero-day vulnerability enabled attackers to take over client machines if a user opened a malformed powerpoint document or visited an evil website.  The attacker would be able to execute code on the user’s machine with the same level of permissions afforded to the logged on user.  (If the user was logged on as an administrator, the evil code could execute as admin.  If the user was logged on as a user-level account, then the evil code could only execute with user permissions and not admin permissions).

Microsoft has slapped a massive band-aid on its PowerPoint presentation software to cover at least 14 documented security vulnerabilities.
The MS09-017 update, rated “critical,” includes a fix for a known code execution flaw that was used to launch targeted exploits via rigged PowerPoint files. Read the full story [zdnet.com] Also see Microsoft’s explanation of the update [technet.com]

Exactly one month after malicious hackers started using rigged PowerPoint files to launch targeted attacks, Microsoft announced plans to ship a “critical” bulletin affecting its flagship presentation program.
The PowerPoint update is the only bulletin scheduled for this month’s Patch Tuesday on May 12, 2009 .  It is rated “critical” (remote code execution) for all supported versions of Microsoft Powerpoint 2000 through 2007.

Microsoft has issued an advisory to warn about an under-attack zero-day vulnerability affecting its PowerPoint software.
According to the pre-patch advisory, the flaw allows remote code execution if a user opens a booby-trapped PowerPoint file. The company described the attacks as “limited and targeted.”

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.