Microsoft Confirms PowerPoint Zero-Day Attack

By Ryan Naraine  |  Posted 2006-07-13 Email Print this article Print


Modernizing Authentication — What It Takes to Transform Secure Access

A previously unknown software flaw in the widely used Microsoft Office presentation program is being used in targeted attacks traced to China.

First Word, then Excel, now PowerPoint.

For the third time in two months, a zero-day vulnerability in a widely used Microsoft Office software application is being used in targeted hacker attacks.

The latest attack exploits a previously undocumented flaw in Microsoft PowerPoint, the ubiquitous presentation program used by millions of users around the world.

The attack comes just days after Microsoft's July Patch Tuesday and closely mirrors the situation in June when a zero-day Excel attack was discovered 24 hours after Patch Day.

Virus hunters at Symantec linked the zero-day attack to a Trojan horse program called Trojan.PPDropper.B that arrives via e-mail from a Gmail address.

The subject line of the mail and the .ppt file-name are in Chinese characters, suggesting that the attacks are emanating from—and attacking targets—in the Far East.

If the PowerPoint attachment is opened, the Trojan drops and executes a variant of Backdoor.Bifrose.E, a keystroke logger that is used to steal sensitive information and send it back to a remote server controlled by malicious hackers.

Read the full story on Microsoft Confirms PowerPoint Zero-Day Attack



Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters