Zero-Day PowerPoint Attacks Under Way
Page 1 of 1
Zero-Day PowerPoint Attacks Under Way
Microsoft warns of targeted exploits of unpatched flaw that could let attackers take control of victim's computer
Microsoft has coughed to a new zero-day vulnerability in its PowerPoint application which can allow remote code execution should an infected file be opened.
As reported over on BetaNews, the vulnerability – which has been confirmed by Microsoft and is detailed in the company's security advisory number 969136 – allows an attacker to execute code as the user account currently running PowerPoint. If you're running as an administrative account – as was the default in Windows XP and earlier – then said attacker has complete control over your system.
Microsoft is quick to play down the seriousness of the issue, stating that it is “aware only of limited and targeted attacks that attempt to use this vulnerability,” and points out the requirement for user interaction – the opening of the affected PowerPoint file.
Microsoft has coughed to a new zero-day vulnerability in its PowerPoint application which can allow remote code execution should an infected file be opened.
As reported over on BetaNews, the vulnerability – which has been confirmed by Microsoft and is detailed in the company's security advisory number 969136 – allows an attacker to execute code as the user account currently running PowerPoint. If you're running as an administrative account – as was the default in Windows XP and earlier – then said attacker has complete control over your system.
Microsoft is quick to play down the seriousness of the issue, stating that it is “aware only of limited and targeted attacks that attempt to use this vulnerability,” and points out the requirement for user interaction – the opening of the affected PowerPoint file.
andry- Moderator
- Posts : 467
Join date : 2010-05-07
Similar topics
» PDF Silent HTTP Form Repurposing Attacks
» Interception Attacks Against SSL
» Side Channel Attacks in SSL
» Automated SEO poisoning attacks explained
» Protecting Browsers from DNS Rebinding Attacks
» Interception Attacks Against SSL
» Side Channel Attacks in SSL
» Automated SEO poisoning attacks explained
» Protecting Browsers from DNS Rebinding Attacks
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|