PowerPoint hit by new zero-day exploit

By
Follow google news

Microsoft warns flaw could allow remote code execution.

PowerPoint hit by new zero-day exploit
A new vulnerability in Office has emerged just two days after Microsoft's monthly patch release on 10 October. 

The Microsoft Security Response Centre warned in a blog posting that a new vulnerability in PowerPoint could allow remote code execution. 

The vulnerability has only been presented as proof-of-concept code meaning that, although a security flaw has been found, there is no evidence of any exploit code or active attacks taking place.

Microsoft issued four patches on Tuesday for vulnerabilities in Office that allowed for remote execution of code.

In one case, attackers were using specially crafted files to target another vulnerability in PowerPoint in order to gain access to a system and run malware.

The US Computer Emergency Readiness Team urges users to avoid opening attachments in unsolicited emails and to scan all attachments with an antivirus program before running the code.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
byexploithitnewpowerpointsecurityzeroday

Sponsored Whitepapers

Fintech compliance made fast and secure
Fintech compliance made fast and secure
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
How to evaluate SIEM solutions Safeguarding your future Get a demo Download guide
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
2025 Security operations insights: Three-quarters of security leaders need something new in SIEM
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
Sumo Logic named in the 2025 Gartner Critical Capabilities for Security Information and Event Management (SIEM)
The cloud tipping point
The cloud tipping point

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

Telstra used ConnectID impermissibly for months
Two US cyber experts plead guilty to cooperating with ALPHV Blackcat

Two US cyber experts plead guilty to cooperating with ALPHV Blackcat
Three spyware-linked executives removed from US sanctions list

Three spyware-linked executives removed from US sanctions list
Murray Irrigation landholder data accidentally leaked

Murray Irrigation landholder data accidentally leaked
techpartner.news logo
Sydney-based AI-cloud waste startup raises $3m
Sydney-based AI-cloud waste startup raises $3m
Brennan uses NiCE to modernise its contact centre
Brennan uses NiCE to modernise its contact centre
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Impact Awards: Tecala slashes customer response times for fintech IQumulate
Interactive introduces private cloud platform
Interactive introduces private cloud platform
Digital61 expands cybersecurity portfolio
Digital61 expands cybersecurity portfolio

Log In

  |  Forgot your password?