A security advisory from the company offers advice on how to guard against the exploit, and said that attacks have already been seen in the wild.
"Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."
The warning should also serve as a reminder to office workers to not blindly open attachments. The nature of the vulnerability means that an attacker would have to convince users to visit a particular web site, and then persuade them to open the specially-crafted PowerPoint file.
Microsoft reminded companies that the enabler for many such attacks is often the human element.
"The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message," the security alert said.
Microsoft hinted at the possibility of a patch, suggesting that it could be included in its regular Patch Tuesday release, or as an out of cycle release, depending on customer needs.
In the meantime Microsoft offered a few workarounds. "Do not open or save Office files that you receive from un-trusted sources, or that are received unexpectedly from trusted sources," the firm warned.