September 28th, 2006, 08:25 AM
New vulnerability in Powerpoint
Mitigating Factors for Microsoft PowerPoint Remote Code Execution Vulnerability:
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less affected than users who operate with administrative user rights.
In a Web-based attack scenario, an attacker would have to host a Web site that contains a PowerPoint file that is used to attempt to exploit this vulnerability. In addition, compromised Web sites and Web sites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. An attacker would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker's site.
The vulnerability cannot be exploited automatically through e-mail. For an attack to be successful a user must open an attachment that is sent in an e-mail message.
Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a document.
Microsoft has tested the following workarounds. While these workarounds will not correct the underlying vulnerability, they help block known attack vectors. When a workaround reduces functionality, it is identified in the following section.
Use PowerPoint Viewer 2003 to open and view files. PowerPoint Viewer 2003 does not contain the vulnerable code and is not susceptible to this attack. To download the PowerPoint Viewer 2003 for free, visit the following website.
Do not open or save PowerPoint files that you receive from un-trusted sources or that you receive unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a specially crafted PowerPoint file.
Powerpoint Viewer :
CISSP, CISM, CISA, SSCP
*Thank you GOD*
Greater the Difficulty, SWEETER the Victory.
Believe in yourself.
September 28th, 2006, 11:54 PM
Well, thinking on it, I would suggest that it probably isn't that serious.
Home users are the current target and most of them won't have powerpoint, or if they do, it will only be the free reader that is not affected.
I say this because full blown versions of MS office are expensive. Most of the bundled stuff is MS Works, which doesn't include Powerpoint.
In a corporate environment the most likely victims will (or should! ) have very limited privileges anyway, if the company has implemented a decent security model.
Powerpoint has always been a potential attack vector but has never really been exploited because of its small user base compared to Word, Excel and Outlook.
Just my £0.02