An initial inquiry by Redmond, Wash.,-based Microsoft revealed that there is no new zero-day vulnerability in the Microsoft Office program, according to a Microsoft spokesman who had consulted with Microsoft Security Response Center representatives.
Microsoft has been fending off exploits for a flaw in Office since its 12-fix Patch Tuesday release earlier this month.
Trend Micro released an advisory over the weekend detailing an exploit that takes advantage of an unknown flaw for PowerPoint.
Redmond is working with other members of the Microsoft Security Response Alliance to further investigate flaws in PowerPoint, the spokesman said.
In an advisory released over the weekend, Trend Micro said it received samples late last week of a trojan - dubbed TROJ_MDROPPER.BH - that exploits the flaw. The anti-virus vendor rated the malware's risk "low" with "medium" damage potential.
The trojan arrives as a PowerPoint file and must be downloaded by an unsuspecting user or downloaded by other malware. Once downloaded, the trojan drops randomly named malicious executable files into the Windows temporary folder.
To contact online editor Frank Washkuch Jr., click here.
_(20).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
