Microsoft reacts to PowerPoint security vulnerability
Microsoft has issued a security bulletin concerning the most recently exploited vulnerabilities in PowerPoint. The vulnerabilities were discovered last week, after which further demonstration code appeared on the web.
According to the security bulletin, Microsoft has now developed a patch, which is currently undergoing testing for compatibility and stability. It should be released on the next patch day on August 8, or possibly earlier.
PowerPoint versions 2000, 2002 and 2003 are affected by the vulnerability. In order to trigger the error in the application, the user must open manipulated documents. According to Microsoft, only PowerPoint 2000 will open these documents automatically from Outlook or Internet Explorer.
Microsoft recommends initially opening PowerPoint presentations from unknown sources using the PowerPoint Viewer, as this product does not include the vulnerable code. If it is not possible to use the Viewer, users should simply not open presentations from unknown or untrusted sources.
- Vulnerability in PowerPoint Could Allow Remote Code Execution, Microsoft security bulletin
- Download the PowerPoint Viewer 2003