Several ISC readers shared with us a link to Microsoft's advisory 969136, which describes a zero-day vulnerability in PowerPoint.
You can also find the description of the exploit observed in the wild on the Microsoft Malware Protection Center blog, and additional technical details on the Microsoft Security Research & Defense blog. Kudos to Microsoft for being so transparent about the incidents! (Thanks for the links, Juha-Matti.)
The CVE placeholder for this vulnerability is CVE-2009-0556 (not live as of this writing).
If you have observed the exploit in the wild and can share the details with us, please let us know.
Lenny Zeltser - Security Consulting
Lenny teaches malware analysis at SANS Institute. You're welcome to follow him on Twitter. You can track new Internet Storm Center diaries by following ISC on Twitter.
Apr 3rd 2009
9 years ago