On Tuesday, Microsoft finally released the patch for the PowerPoint vulnerability that cybercriminals exploited early last month. The update patches 14 Microsoft PowerPoint vulnerabilities, 11 of which were rated critical, Microsoft’s highest threat ranking. It provides fixes for some versions of Microsoft Office, including 2000, XP, 2003 and 2007.
However, this batch of patches does not address Office 2004 and 2008 on Macs, which suffer from the same vulnerabilities. According to the Microsoft Security Bulletin MS09-017, the updates for Mac are “still in development.”
This update resolves a publicly disclosed vulnerability and several privately reported vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. Cybercriminals exploited this vulnerability to full effect by crafting PowerPoint files and sending them to unsuspecting users. When opened, these files drop a couple of malware files (KUPS variants) that perform several suspicious activities, including sending a list of the PC’s contents to a certain IP address.
Users are strongly advised to update their systems with this latest patch immediately. Moreover, until Microsoft issues a security fix for Mac versions of Office, Mac users are encouraged to exercise caution when opening PowerPoint files that come from doubtful sources, especially spam messages and online downloads. Trend Micro Smart Surfing for Mac blocks IMs and email links that lead to malware that attempts to exploit these vulnerabilities.
- New Exploit Takes on MS PowerPoint
- April 2009 Patch Tuesday Release
- Trend Micro Security Advisory for MS09-017
OfficeScan users with Intrusion Defense Firewall plugin installed are protected from this threat if they have updated to the latest filters (IDF09014).