July 20, 2006
Microsoft Warns About a PowerPoint Virus
SEATTLE -- Microsoft Corp. warned about a new computer virus that exploits a vulnerability in its PowerPoint presentation software to allow hackers to infiltrate computer systems.
Microsoft issued an advisory on the company's security Web log on July 17 about the virus, which is carried out when a user launches a PowerPoint attachment to an e-mail or opens a file provided to them by the attacker.Hackers could also lure users to a Web page that offers content or advertisements containing a file that exploits the PowerPoint software, Microsoft said. The vulnerability applies to PowerPoint 2000, 2002 and 2003.
Once the user triggers the corrupt PowerPoint file, the virus installs a keystroke logging system to capture everything typed on the machine. It also leaves the machine open to having a hacker install other malicious programs.
"It installs a backdoor and allows for all types of software to be downloaded on the computer and the computer can be remotely controlled," said Alfred Huger, a security expert at Symantec Corp.
Microsoft said it was completing development of a security update to fix the vulnerability and was on schedule to release the patch on August 8, or sooner, as part of a monthly security update. The company reported a "limited" number of attacks.