DATE(S) ISSUED: 4/3/2009 SUBJECT: Vulnerability in Microsoft PowerPoint OVERVIEW: A new vulnerability has been discovered in Microsoft PowerPoint, a slide presentation program. This vulnerability can be exploited by opening a malicious PowerPoint presentation (.PPT or .PPS file) received as an email attachment, or by visiting a web site that is hosting a malicious PowerPoint file. Successful exploitation could allow an attacker to gain the same user privileges as the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are confirmed reports that this vulnerability is being used for specific targeted attacks although more widespread exploitation may occur when additional details regarding this vulnerability become available. There is no patch for this vulnerability available at this time. SYSTEMS AFFECTED: * Microsoft Office 2000 Service Pack 3 * Microsoft Office 2002 Service Pack 3 * Microsoft Office 2003 Service Pack 3 * Microsoft Office 2004 for Mac
lol, a malicious slideshow. That's almost amazing enough to make up for it destroying people's computers.
So, how is it a malicious file? It's a power point presentation that hurts your eyes, or does it exec. commands that would be in a malware? Also, this doesn't effect Microsoft 08', and since most people use that now, making a malicious program targeted at a program that isn't used as much as another one seems stupid. For example, Say 100 people have Program#! and 5,000 have program#2, why would you make a virus for program#1?
Because program 2 might not be as easy to exploit. Because the same people are working on exploiting 2.