Endpoint Protection

Well, it seems that things will never get too boring around here inSymantec Security Response. There is a new, in-the-wild threat runningaround on the Internet that is exploiting a previously undisclosedvulnerability in Microsoft PowerPoint.

In particular,attackers can create specially crafted PowerPoint files to exploit thevulnerability. These files can then be special delivered to yourcomputer via your Inbox as an attachment, or perhaps placed on Webpages for downloading (like a wolf in sheep’s clothing). All you haveto do is open the file—and WHAMMO!—the vulnerability is triggered,potentially allowing the attacker to run his or her code on yourmachine.

At this point in time, we have discovered a Trojan attached to thePowerPoint exploits that we’ve seen in the wild, and made antivirussignatures available for it; the Trojan is detected as Trojan.PPDropper.B.As always, we’ll continue to monitor the situation and provide updatesas appropriate. In the meantime, safe surfing, and be wary of strangersbearing “gifts” online.