September 2006
Microsoft Security Advisory (925984) - Vulnerability in PowerPoint Could Allow Remote Code Execution
ID: 00660
Ref: 633/2006
Date: 28 September 2006:13:00:01
Version: 1
Title: Microsoft Security Advisory (925984) - Vulnerability in PowerPoint Could Allow Remote Code Execution
Abstract: A vulnerability in PowerPoint Could Allow Remote Code Execution.
Vendors affected: Microsoft
Operating systems affected: Microsoft
Applications affected: Microsoft
Microsoft is investigating new public reports of limited #zero-day# attacks
using a vulnerability in Microsoft PowerPoint 2000, Microsoft PowerPoint 2002,
Microsoft Office PowerPoint 2003, Microsoft PowerPoint 2004 for Mac, and Microsoft
PowerPoint v. X for Mac.
In order for this attack to be carried out, a user must first open a malicious
PowerPoint file attached to an e-mail or otherwise provided to them by an attacker.
As a best practice, users should always exercise extreme caution when opening
unsolicited attachments from both known and unknown sources. Microsoft has added
detection to the Windows Live OneCare safety scanner for up-to-date removal of
malicious software that attempts to exploit this vulnerability.
Published: September 27, 2006
Full advisory:
URL: http://www.microsoft.com/technet/security/advisory/925984.mspx