By: In the midst of back-to-back zero-day attacks against select businesses in the Far East, Microsoft on July 17 released a security advisory with a terse message: Do not open or save unexpected Microsoft Office files, even if they come unexpectedly from a trusted source.
The company's advisory comes less than a week after virus hunters discovered that a previously undocumented flaw in Microsoft PowerPoint was being exploited to plant a keystroke logger on infected Windows systems.
Microsoft confirmed that the vulnerability exists in Microsoft PowerPoint 2000, Microsoft PowerPoint 2002 and Microsoft PowerPoint 2003, and said a patch is being developed and tested for release on August 8.
“In order for this attack to be carried out, a user must first open a malicious PowerPoint document attached to an e-mail or otherwise provided to them by an attacker,” the Redmond, Wash., software giant said.
There are no pre-patch workarounds in the advisory. Instead, Microsoft said Windows users should avoid opening or saving Office files, especially those that arrive from untrusted sources.
If an Office file - Word, Excel or PowerPoint - arrives unexpectedly from a trusted source, the advice remains the same.
Read the full story on eWEEK.com: MS Advisory: Beware Unexpected PowerPoint Files
