Video Screencast Help
Security Response

Exploit for vulnerability in Chinese version of Microsoft PowerPoint

Created: 19 Sep 2006 07:00:00 GMT • Updated: 23 Jan 2014 18:56:58 GMT
Symantec Security Response's picture
0 0 Votes
Login to vote

Symantec Security Response is aware of anexploit currently running in the wild on a vulnerability in MicrosoftPowerPoint. The exploit targets Chinese language versions of Office2000 running on Chinese language versions of Windows XP. Thus far, thisattack is not widespread and there is no reason to believe it willbecome more prevalent, based on our experience with similar attacksthis year. This is a continuation of the trend (which we have beentracking throughout this year) toward exploiting vulnerabilities inMicrosoft Office applications in order to install malware—mainlyTrojans.

It is not currently known if other languages or versions areaffected by the underlying vulnerability. Symantec has releasedantivirus definitions that detect this threat as Trojan.PPDropper. Allof the normal advice applies here (i.e., don't open attachments frompeople you don't know or are not expecting them from and keep yourantivirus and security solutions up to date).

Update: It has been reported to Symantec SecurityResponse that the Microsoft PowerPoint vulnerability being exploitedmay be patched and as such, the content above has been modifiedaccordingly. Currently, the vulnerability is being investigated furtherand awaiting confirmation.