Old PowerPoint formats have become dangerous.
Microsoft warns about cases of hacker attacks through old-version PPT files. Experts of the company learned about the existence of a hole after the fact, after the appearance of an exploit (even a few exploits ) and after the start of sending infected files. That is, this is a zero-day vulnerability for which there is no patch yet.
The vulnerability affects PowePoint 2000 SP3, 2002 SP3 and 2003 SP3 file formats, as well as Office 2004 for Mac. After opening an infected file, PowerPoint accesses the “wrong” object in the RAM, after which the malicious program obtains the rights to execute any code and starts downloading Trojans from the Internet.
According to Microsoft, hacker attacks have not yet become widespread, and are aimed only at strictly certain people. Microsoft does not promise to release a separate patch and does not even promise to include a patch in its monthly cumulative patch on April 14 (after all, we are talking about old versions of programs). Ordinary users can only use the Microsoft Office Isolated Conversion Environment (MOICE) utility to convert files into the Office 2007 format, as well as activate the Microsoft Office File Block option in the Windows registry to restrict the opening of Office 2003 and earlier versions.
')
Recall that a similar zero-day vulnerability for Excel was discovered five weeks ago. Simple users of MS Office programs ask themselves a natural question: when will it end? According to experts, never. Because Microsoft cannot fully test all old versions of MS Office formats, but is obliged to maintain backward compatibility with them.
via ZDNet UK
The vulnerability affects PowePoint 2000 SP3, 2002 SP3 and 2003 SP3 file formats, as well as Office 2004 for Mac. After opening an infected file, PowerPoint accesses the “wrong” object in the RAM, after which the malicious program obtains the rights to execute any code and starts downloading Trojans from the Internet.
According to Microsoft, hacker attacks have not yet become widespread, and are aimed only at strictly certain people. Microsoft does not promise to release a separate patch and does not even promise to include a patch in its monthly cumulative patch on April 14 (after all, we are talking about old versions of programs). Ordinary users can only use the Microsoft Office Isolated Conversion Environment (MOICE) utility to convert files into the Office 2007 format, as well as activate the Microsoft Office File Block option in the Windows registry to restrict the opening of Office 2003 and earlier versions.
')
Recall that a similar zero-day vulnerability for Excel was discovered five weeks ago. Simple users of MS Office programs ask themselves a natural question: when will it end? According to experts, never. Because Microsoft cannot fully test all old versions of MS Office formats, but is obliged to maintain backward compatibility with them.
via ZDNet UK
Source: https://habr.com/ru/post/56559/
All Articles