News Stay informed about the latest enterprise technology news and product updates.

More attacks on PowerPoint, IE

A day after Microsoft released a fix for a flaw in the VML implementation in Internet Explorer, it's having to confirm a new zero-day attack on PowerPoint and exploits targeting IT.

Just a day after Microsoft rushed out the fix for a flaw in the Vector Markup Language implementation in Internet Explorer, it's having to confirm a new zero-day attack on PowerPoint and exploits targeting IT.

The PowerPoint attack relies on an end user opening a malicious file provided through email or other methods. The flaw comes from the way PowerPoint handles malformed documents.

Until it's patched, Microsoft suggests customers use PowerPoint Viewer 2003, which doesn't contain the flaw, to view documents, and not opening documents from untrusted sources.

The Internet Explorer flaw "is caused due to an integer overflow error in the 'setSlice()' method in the 'WebViewFolderIcon' ActiveX control," according to an advisory from the Danish security-information clearinghouse Secunia. "This can be exploited to corrupt memory when visiting a malicious Web site."

To read the original version of this story, visit SearchSecurity.com.

Dig Deeper on Application security and data protection

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchDataManagement

SearchBusinessAnalytics

Close