News Stay informed about the latest enterprise technology news and product updates.

More attacks on PowerPoint, IE

A day after Microsoft released a fix for a flaw in the VML implementation in Internet Explorer, it's having to confirm a new zero-day attack on PowerPoint and exploits targeting IT.

Just a day after Microsoft rushed out the fix for a flaw in the Vector Markup Language implementation in Internet Explorer, it's having to confirm a new zero-day attack on PowerPoint and exploits targeting IT.

The PowerPoint attack relies on an end user opening a malicious file provided through email or other methods. The flaw comes from the way PowerPoint handles malformed documents.

Until it's patched, Microsoft suggests customers use PowerPoint Viewer 2003, which doesn't contain the flaw, to view documents, and not opening documents from untrusted sources.

The Internet Explorer flaw "is caused due to an integer overflow error in the 'setSlice()' method in the 'WebViewFolderIcon' ActiveX control," according to an advisory from the Danish security-information clearinghouse Secunia. "This can be exploited to corrupt memory when visiting a malicious Web site."

To read the original version of this story, visit SearchSecurity.com.

Dig Deeper on MSPs and cybersecurity

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

MicroscopeUK

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchDataManagement

SearchBusinessAnalytics

Close