Clark Computer Consulting

Microsoft has issued a  warning about a new zero day exploit in PowerPoint. A zero-day exploit is one that takes advantage of a security vulnerability on the same day that the vulnerability becomes generally known.

From Microsoft

"Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file," said the advisory. "At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."

There is currently no fix for this latest exploit. Microsft has suggested not opening files from untrusted sources.

The vulnerability affects Microsoft Office 2000 SP3, 2002 SP3 and 2003 SP3. Please check the following links for more information on this new Microsoft PowerPoint Exploit.

http://news.cnet.com/8301-1009_3-10211443-83.html?part=rss&subj=news&tag=2547-1_3-0-20

http://blogs.technet.com/mmpc/archive/2009/04/02/new-0-day-exploits-using-powerpoint-files.aspx

http://news.zdnet.co.uk/security/0,1000000189,39636360,00.htm

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9131040&intsrc=news_ts_head

http://www.pcworld.com/article/162562/after_conficker_a_powerpoint_zeroday_flaw.html

http://www.microsoft.com/technet/security/advisory/969136.mspx

http://vil.nai.com/vil/content/v_vul42288.htm