Zero-day attacks continue to hit Microsoft

Advertisement (Why?)

Microsoft issued a rare, out-of-cycle Windows patch on Tuesday that fixed one flaw, but attacks through other known, yet-to-be-plugged holes continue. Microsoft on Wednesday warned of "limited zero-day attacks" that exploit a new flaw in PowerPoint, Microsoft's widely used presentation tool. For the attack to be carried out, a user must first open a malicious PowerPoint file attached to an e-mail or otherwise provided to them by an attacker, Microsoft said in a security advisory.

"This issue can allow remote attackers to execute arbitrary code on a vulnerable computer," Symantec said in an alert sent to customers. The flaw affects PowerPoint in Office 2000, Office XP and Office 2003 on Windows and Apple Computer's Mac OS X, it said. Attacks appear to be aimed at specific targets, Symantec said.

For temporary protection against PowerPoint attacks, Microsoft suggests keeping security software up-to-date and not opening presentations files from untrusted sources. Also, PowerPoint Viewer 2003 is not vulnerable, the company said.

Link: Microsoft Security Advisory (925984)

View: Full Article @ C|Net News

(1 reply) #1 Croquant on 28 Sep 2006 - 19:06

So, as always, if you're using OpenOffice, you're safe.

#1.1 Andareed on 28 Sep 2006 - 21:59

And when there's a flaw in OO, you're safe using MS Office

#2 ThaCrip on 29 Sep 2006 - 05:29

i dont use office in general much... but i do think openoffice seems great.

also... @ Andareed ... u might be right, but the fact of the matter is not many people will target openoffice since it aint as "mainstream" as MS office is... so basically generally speaking, openoffice is probably "safer" to use even if both have flaws in them.

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Neowin.net