In association with heise online

21 September 2006, 16:27

"New" vulnerability in PowerPoint in fact long since plugged

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Symantec has revised its report on the recently discovered PowerPoint trojan PPDropper.E and is no longer talking about a new vulnerability. Rather, the malware infiltrates via a vulnerability discovered as long ago as March, for which updates have long been available. For this problem at least, the all-clear can be sounded. Unfortunately, three further vulnerabilities remain open, two in Internet Explorer and one in Word.

Trend Micro also raised a false alarm in July with their analysis of the PowerPoint trojan TROJ_MDROPPER.BH, initially claiming it to be a new vulnerability. It quickly became clear that this vulnerability was also old hat. Both PPDropper.E and TROJ_MDROPPER.BH exploit the same vulnerability in Office.

The misdiagnosis by security products manufacturers shows just how frantic the situation in the security field is at present. On the one hand, customers need to be warned of and protected from new threats as quickly as possible. On the other, the publication of a new vulnerability pushes the discoverer into the public eye and brings attention and appreciation to the security industry. Clearly this competition is leading to analyses being carried out without the necessary care and attention, and bulletins being released without waiting for confirmation from other specialists.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit