Ten tips for more secure sofware
Image from Shutterstock.com

The latest weapon hackers are using to get into many versions of Windows are PowerPoint slides.

Microsoft issued a security advisory this week on a vulnerability affecting all supported versions of Windows except WinServer 2003. So far, Microsoft says, the delivery vehicle is PowerPoint, but it could be any Office file with a malicious OLE object. While PCs with User Account Control will display a prompt for the user to allow the operating system to be modified, if approved the deed is done.

“The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that contains an OLE object.,” Microsoft warns. “An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”

Another possible attack method is via the Web, if an attacker delivered a user — perhaps by clicking a link in an email or SMS message — to hosted a Web site with a page that contains a specially crafted Office file with the OLE object.  In all cases, however, an attacker would have no way to force users to visit these websites.

Security researcher Graham Cluley in a blog written for Lumension notes that Microsoft has a temporary fix for some PowerPoint versions. And users need to be warned not to open PowerPoints — or any other file — from unknown or untrusted sources. But, Cluley adds, that isn’t a substitute for a proper security patch.

At Computerworld U.S. Gregg Keizer said the vulnerability looks similar to one that Microsoft patched last week in its usual second Tuesday of the month fixes. He also drew attention to a blog from McAfee, which said that patch last week isn’t robust enough to shut the door on the Windows vulnerability.

Previous articleMicrosoft adds muscle to Azure
Next articlePrivacy Act goes to committee
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com