New 0day PowerPoint Exploit

McAfee is warning that a new 0day PowerPoint exploit has been seen in the wild. Currently being used in targeted attacks. Remote code execution possible. Microsoft may have quietly added protection for it to their own antivirus program without alerting the security community.

http://www.nist.org/news.php?extend.173

does avast detected it ???

Al968

Thanks for the heads up drhayden1!

Microsoft may have quietly added protection for it to their own antivirus program without alerting the security community.

That was nice of them!

With all the holes, they should just rename it Microsoft Orifice. :stuck_out_tongue:

Incidentally, security updates for Office products don’t always come up on Windows Update- it’s worth checking at Office Update. I found I had a Word vulnerability even after updating at Windows Update!

http://office.microsoft.com/en-us/officeupdate/default.aspx

actually now its Microsoft office ;D
http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=fr
That shows all the updates

Al968

Patch coming Tuesday!

http://blog.washingtonpost.com/securityfix/2006/10/microsoft_to_issue_eleven_patc.html

Yeah, those second tuesday of the month updates ;D

Al968