For the third time in two months, a zero-day vulnerability in a widely used Microsoft Office software application is being used in targeted hacker attacks. The latest attack exploits a previously undocumented flaw in Microsoft PowerPoint, the ubiquitous presentation program used by millions of users around the world.
The attack comes just days after Microsoft´s July Patch Tuesday and closely mirrors the situation in June when a zero-day Excel attack was discovered 24 hours after Patch Day.
Virus hunters at Symantec linked the zero-day attack to a Trojan horse program called Trojan.PPDropper.B that arrives via e-mail from a Gmail address.
The subject line of the mail and the .ppt file-name are in Chinese characters, suggesting that the attacks are emanating from—and attacking targets—in the Far East.Read Full Story