More Microsoft vulnerability woes


PowerPoint problem tops off busy month for MS.

Yet another vulnerability has been revealed in a

Microsoft

product, this time in the

PowerPoint

slideshow software.

The problem is reportedly already being exploited in the wild by several dropper trojans. The vulnerability is described by

Secunia

as ‘extremely critical’.

Microsoft

has been criticised, by

McAfee

among others, for apparently knowing about the flaw but keeping quiet about it. According to

McAfee

bloggers, identities were released quietly for

OneCare

on September 23rd, to protect against two of the trojans known to be exploiting the hole.

This latest issue just a day after the widely publicised VML flaw was hurriedly patched by

Microsoft

in a break to their usual patching cycle.

The

Secunia

alert is

here

. An entry in the

AVERT

blog is

here

.

Posted on 28 September 2006 by

Virus Bulletin


Posted

in

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *