Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A security advisory from the company offers advice on how to guard against the exploit, and said that attacks have already been seen in the wild.
"Microsoft is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow remote code execution if a user opens a specially crafted PowerPoint file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."
The warning should also serve as a reminder to office workers to not blindly open attachments. The nature of the vulnerability means that an attacker would have to convince users to visit a particular web site, and then persuade them to open the specially-crafted PowerPoint file.
Microsoft reminded companies that the enabler for many such attacks is often the human element.
"The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message," the security alert said.
Microsoft hinted at the possibility of a patch, suggesting that it could be included in its regular Patch Tuesday release, or as an out of cycle release, depending on customer needs.
In the meantime Microsoft offered a few workarounds. "Do not open or save Office files that you receive from un-trusted sources, or that are received unexpectedly from trusted sources," the firm warned.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.