Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    Microsoft finally released on Tuesday the patch for the PowerPoint vulnerability that has been exploited by cybercriminals early last month. The said update patches 14 Microsoft PowerPoint vulnerabilities, 11 of which were rated as critical, Microsoft’s highest threat ranking. It provides fixes for some versions of Microsoft Office, including 2000, XP, 2003 and 2007.

    However, this batch of patches does not address Office 2004 and 2008 on Macs, which suffer from the same vulnerabilities. According to the Microsoft Security Bulletin MS09-017, the updates for Mac are “still in development.”

    This update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. This vulnerability was exploited to full effect when cybercriminals fashioned PowerPoint files and sent them to unknowing users. These files, when opened, drop a couple of malware (KUPS variants) that perform several suspicious activities including sending a list of the PC’s contents to a certain IP address.

    Users are strongly advised to update their system with this latest patch immediately. Moreover, until Microsoft issues a security fix for Mac versions of Office, Mac users are encouraged to exercise caution in opening PowerPoint files that come from doubtful sources, especially spam messages and online downloads. Trend Micro Smart Surfing for Mac blocks IMs and email links that lead to malware that attempt to exploit these vulnerabilities.

    Related posts:

    OfficeScan users with Intrusion Defense Firewall plugin installed are protected from this threat if they have updated to the latest filters (IDF09014).

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice