Symantec initially released an advisory on Tuesday describing Trojan.PPDropper.G, which the security company said attempts to take advantage of "a previously unknown vulnerability in Microsoft PowerPoint to drop other threats on a compromised computer."
The SANS Internet Storm Center lists the PowerPoint hole as a "missing" Microsoft fix and ranks its potential effect on clients as "critical."
McAfee Avert Labs’ Craig Schmugar, meanwhile, said testing determined that the PowerPoint flaw was fixed when Microsoft released bulletin MS07-015 on Tuesday. That patch also addressed an Office zero-day exploit reported on Feb. 2.
"This testing suggests Trojan.PPDropper.G may in fact be a PowerPoint version of the Office zero-day exploit [targeting Excel]," Schmugar said.
"Symantec has admitted "this threat will not execute on computers that have installed the update" from Microsoft.
A Microsoft spokesman told SCMagazine.com today that the software giant agreed with McAfee's original assessment and encouraged users to enable their machines to receive automatic updates.
In total, Tuesday’s release by Microsoft addressed eight vulnerabilities in versions of Office, Word, Excel and PowerPoint. At least six were being actively exploited.
Click here to email reporter Dan Kaplan.
Symantec, McAfee agree Microsoft PowerPoint vulnerability was patched
By Dan Kaplan on Feb 15, 2007 6:21AM