"The PowerPoint team has developed a fix for this bug, and it will go into the next available ship vehicle for PowerPoint," the post said.
Vulnerability monitoring firm Secunia, which first labeled the flaw "highly critical" in response to Microsoft's initial advisory in early October, has downgraded the rating to "not critical."
"Originally, Microsoft stated, contrary to Secunia's internal findings, that successful exploitation could allow execution of arbitrary code," Secunia's updated advisory said. "However, Microsoft has now officially retracted this statement and concludes in thread with Secunia that it's only possible to crash the application."
The vulnerability is caused by dereferencing, or accessing the value that a reference refers to, a NULL pointer while processing a malformed PowerPoint file.
Click here to email Dan Kaplan.