This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempt to a remote code execution vulnerability in Microsoft PowerPoint application.
Microsoft PowerPoint is a presentation application.
Microsoft PowerPoint is prone to a remote code-execution vulnerability caused by an error that occurs when processing a specially crafted PowerPoint file. Specifically, this occurs when validating an invalid 'TimeColorBehaviorContainer' floating point record in a malicious PowerPoint file.
An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file.
An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will cause a denial-of-service condition.
Vendor has released an advisory to fix this issue. Please visit the vendor's website for further details.