Oslo, Norway 3 April 2009 – Norman warns about a targeted attack exploiting an unpatched vulnerability in Microsoft Office PowerPoint. If successfully exploited, an infected PowerPoint file could enable hackers to take control of the victim's computer. If a user is compromised the attacker gains the same user rights as the local user.
The PowerPoint file that exploits the vulnerability is received as an e-mail attachment, or as links in an Instant Messenger message. The link directs the user to a web portal were the infected file can be downloaded. To get infected the user must click the file on the portal or the attachment and run the file.
We recommend all users to act carefully when using Internet services, avoid visiting new and unknown websites, and not to open email attachments from unknown submitters.
Customers using Norman antivirus and antispyware products are proactive protected by Norman’s new generic exploit-detection technology.
The products impacted by the vulnerability are: Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3 and Microsoft Office PowerPoint 2003 Service Pack 3. Microsoft Office PowerPoint 2007 is unaffected.
Useful links:
http://www.microsoft.com/technet/security/advisory/969136.mspx
Users needing a protecting security system can click here.
For further information, please contact:
Audun Lødemel, Marketing Director, Norman ASA, M: +47 934 465 31
