Symantec, McAfee agree Microsoft PowerPoint vulnerability was patched

By
Follow google news

Two leading anti-virus firms, who were debating the existence of an unpatched Microsoft PowerPoint vulnerability, now both agree the hole was sealed in Redmond's security update on Tuesday.


Symantec initially released an advisory on Tuesday describing Trojan.PPDropper.G, which the security company said attempts to take advantage of "a previously unknown vulnerability in Microsoft PowerPoint to drop other threats on a compromised computer."

The SANS Internet Storm Center lists the PowerPoint hole as a "missing" Microsoft fix and ranks its potential effect on clients as "critical."

McAfee Avert Labs’ Craig Schmugar, meanwhile, said testing determined that the PowerPoint flaw was fixed when Microsoft released bulletin MS07-015 on Tuesday. That patch also addressed an Office zero-day exploit reported on Feb. 2.

"This testing suggests Trojan.PPDropper.G may in fact be a PowerPoint version of the Office zero-day exploit [targeting Excel]," Schmugar said.

"Symantec has admitted "this threat will not execute on computers that have installed the update" from Microsoft.

A Microsoft spokesman told SCMagazine.com today that the software giant agreed with McAfee's original assessment and encouraged users to enable their machines to receive automatic updates.

In total, Tuesday’s release by Microsoft addressed eight vulnerabilities in versions of Office, Word, Excel and PowerPoint. At least six were being actively exploited.

Click here to email reporter Dan Kaplan.
Got a news tip for our journalists? Share it with us anonymously here.
Tags:
mcafeemicrosoftpatchedpowerpointsecuritysymantecvulnerabilitywas

Sponsored Whitepapers

Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?

Events

Most Read Articles

National photo licence recognition system set to go live in 2025

National photo licence recognition system set to go live in 2025
Age verification IDs taken in Discord data breach

Age verification IDs taken in Discord data breach
Qantas says customer data released by cyber criminals

Qantas says customer data released by cyber criminals
NSW gov contractor uploaded Excel spreadsheet of flood victims' data to ChatGPT

NSW gov contractor uploaded Excel spreadsheet of flood victims' data to ChatGPT
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?