Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have advised
companies to exercise care over which PowerPoint presentations
their users open, as businesses wait for Microsoft to fix an
unpatched PowerPoint vulnerability.
Microsoft has confirmed that a critical vulnerability exists in
PowerPoint 2000, PowerPoint 2002 and PowerPoint 2003 which can
allow malicious attackers to run unauthorized code on users'
computers. According to the company, it is scheduled to issue a fix
on Tuesday 8 August or earlier if required.
"PowerPoint is commonly used in the business environment for
delivering corporate presentations. Hackers may attempt to trick
workers into opening malicious PPT attachments that could exploit
the flaw and install malware onto Windows computers," said Graham Cluley, senior
technology consultant for Sophos. "Many have experienced the
soul-destroying feeling of sitting through a far-too-long corporate
presentation, but this critical flaw could deliver a far more
serious case of 'Death by PowerPoint'."
Microsoft has published information about the vulnerability in
an advisory on its website.
"Once a PC has been infected by a backdoor Trojan, hackers can
gain access to the computer to spy, to steal, to plant further
malicious software, or to launch spam and/or denial-of-service
attacks. Many eyes will now be looking to Microsoft, to see how
quickly they can release a critical security fix for their
PowerPoint program," continued Cluley. "Everyone needs to exercise
caution over which files they choose to open on their Windows
PC."
Last week, Sophos experts warned
of a malicious Chinese PowerPoint PPT file which contained exploit
code that drops the Troj/Edepol-C keylogging
Trojan horse onto users' computers.
The Trojan horse also attempts to disable anti-virus products
running on the infected computer.
The PowerPoint presentation secretly drops a
Trojan horse onto computers.
Sophos has been protecting against the Troj/Edepol-C Trojan
horse dropped by the Microsoft PowerPoint file since 14:01 GMT,
Friday 14 July, but warns that hackers could exploit the PowerPoint
vulnerability to spread new Trojan horses.
Sophos recommends companies put in place a consolidated solution to defend against viruses,
spyware and spam, and ensure that it is automatically updated as
new threats emerge.