PowerPoint problem tops off busy month for MS.
Yet another vulnerability has been revealed in a
Microsoft
product, this time in the
PowerPoint
slideshow software.
The problem is reportedly already being exploited in the wild by several dropper trojans. The vulnerability is described by
Secunia
as ‘extremely critical’.
Microsoft
has been criticised, by
McAfee
among others, for apparently knowing about the flaw but keeping quiet about it. According to
McAfee
bloggers, identities were released quietly for
OneCare
on September 23rd, to protect against two of the trojans known to be exploiting the hole.
This latest issue just a day after the widely publicised VML flaw was hurriedly patched by
Microsoft
in a break to their usual patching cycle.
The
Secunia
alert is
here
. An entry in the
AVERT
blog is
here
.
Posted on 28 September 2006 by
Virus Bulletin
Leave a Reply