Microsoft discovers new Windows zero-day exploiting PowerPoint

By

All Windows versions affected except Server 2003.

Microsoft has detailed a new remote code execution vulnerability using malicious PowerPoint documents sent as email attachments, which affects nearly all supported releases of Windows.

Microsoft discovers new Windows zero-day exploiting PowerPoint

The vulnerability has only so far been used in limited, targeted, attacks, Microsoft said in a security advisory, but could allow attackers to gain the same rights as the legitimate user if the user opens an affected Microsoft Office file containing an OLE (Object Linking and Embedding) object.

In the attacks Microsoft has so far identified, a User Account Control (UAC) prompt was raised when the user opened the affected document. 

"In an email attack scenario, an attacker could exploit the vulnerability by sending a specially-crafted file to the user," Microsoft advised.

"For this attack scenario to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object."

Given the vulnerability would allow an attacker to gain control of the system with the same privileges as the user, users with administrative accounts are more susceptible to damage.

Users with fewer rights will limit the damage the attacker can cause, Microsoft said.

All supported releases of Windows except Server 2003 are affected.

"Files from the internet and from other potentially unsafe locations can contain viruses, worms, or other kinds of malware that can harm your computer," Microsoft stated in its advisory.

"To help protect your computer, files from these potentially unsafe locations are opened in Protected View. By using Protected View, you can read a file and see its contents while reducing the risks. Protected View is enabled by default."

The software giant has released a workaround to stop the PowerPoint attacks until a patch is available, but Microsoft warned it does not address other attacks that could be built to exploit the vulnerability.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
hackmicrosoftpowerpointsecuritysoftwarewindowszeroday

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?