News

PowerPoint Security Bug Found in Office 2003

A new zero-day remote code execution vulnerability has come to Redmond's attention, this time affecting Microsoft Office PowerPoint.

A new zero-day remote code execution vulnerability has come to Redmond's attention, this time affecting Microsoft Office PowerPoint.

On Thursday, the software giant issued a security advisory about the potential exploit, which affects older Microsoft Office versions up through Office 2003. The current flagship Office 2007 product is not vulnerable.

Microsoft said it is only "aware of limited and targeted attacks that attempt to use this vulnerability." Users with fewer administrative rights could be less affected than those who have superuser or carte blanche access to enterprise systems, according to Redmond.

The attacks are triggered by getting users to click on a malicious Office file, either on a Web site or via an e-mail attachment, triggering malware on the user's workstation. To avoid such attacks, IT shops should have "untrusted software" policies in place, explained Paul Henry, security and forensic analyst at Lumension.

"This incident highlights the added value of application control in automatically affording protection by preventing any untrusted software," Henry said. "This [untrusted software] is software that is not explicitly permitted by policy and has been downloaded via the Internet, transferred via a USB stick or installed from a CD/DVD." The policy would prevent untrusted software from executing on a user's PC, he explained.

The PowerPoint flaw was considered "extremely critical" in a separate advisory issued on Friday by Secunia, a Denmark-based vulnerability research shop.

As a workaround, Redmond suggested that IT shops can modify the FileBlock policy in the registry to block the opening of untrusted Office 2003, and older, binary files. They can also use the Microsoft Office isolated conversion environment. This update works with Office 2003 and Office 2007 products to "more securely open Word, Excel and PowerPoint binary file formats," according to Microsoft.

Microsoft provides additional technical details on the PowerPoint vulnerability in its Microsoft Malware Protection Center and Microsoft Security Research & Defense blogs.

Microsoft plans to "continue to monitor the situation and post updates as we become aware of any important new information," according to the advisory.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.