Following up on the reported targeted malware attacks yesterday regarding a Powerpoint Trojan-Dropper exploiting a 0day vulnerability in MS Powerpoint, now comes three proof-of-concept codes targeting the same application.

Incidentally, these 3 new POCs have been released by the author (going by the handle of “naveed”) who was also known to have been responsible for at least one of the POCs for the XLS 0days last June and which have been recently patched by MS06-037.

The three released codes supposedly disclosed vulnerabilities such as:

1) A bug in the mso.dll (a shared MS Office library) file
2) Memory corruption
3) And one regarding an unspecified vulnerability.

All have been tested against Powerpoint 2003, but then again, the codes may also affect other versions and other MS Office applications as well.

Trend is now analyzing the proof-of-concept codes and we will soon post updates so do stay tuned!