Who can you trust these days?

July 20, 2006
from BBC

Poisoned PowerPoint attacks users

Microsoft is warning Windows users about a virus that takes over PCs via the popular PowerPoint program. Attached to the virus is a poisoned presentation that, if opened, installs keylogging software on a computer. Users are being told to take care because it could be weeks before Microsoft produces a patch that protects against the security loophole. So far relatively few people are thought to have been caught out by the booby-trapp...
from BBC

Poisoned PowerPoint attacks users

Microsoft is warning Windows users about a virus that takes over PCs via the popular PowerPoint program. Attached to the virus is a poisoned presentation that, if opened, installs keylogging software on a computer. Users are being told to take care because it could be weeks before Microsoft produces a patch that protects against the security loophole. So far relatively few people are thought to have been caught out by the booby-trapped presentation. Nasty bug The bug that the malicious hackers behind the virus have exploited has been found in PowerPoint 2000, 2002 and 2003. Security experts said the virus was aimed at companies in Asia because Chinese characters are used in the subject line of the e-mail the booby-trapped files are attached to and in name of the poisoned PowerPoint presentation. The presentation purports to be 18 humorous slides about love between men and women. The PowerPoint presentation is attached to an e-mail that arrives from a Google GMail address. Anyone opening the PowerPoint file will trigger the virus that installs a keylogger that records everything typed on an infected machine. It also opens up a backdoor into that machine that the creators of the virus are likely to exploit to gather the recorded keystrokes or to install other malicious programs. Once a machine has been compromised the virus installs a blank version of the poisoned presentation to hide evidence that a computer has been taken over. In an advisory about the exploit Microsoft said "limited" attacks were taking place using the bug and added: "In order for this attack to be carried out, a user must first open a malicious PowerPoint document attached to an e-mail or otherwise provided to them by an attacker." The bug is known as a "zero-day" attack because it was exploited so soon after being discovered. To protect themselves against hackers exploiting the bug, Microsoft warned users not to open or save PowerPoint files that turn up unexpectedly - even if they are from trusted sources. PowerPoint has become widely used in businesses for presentations. The virus bearing the booby-trapped PowerPoint files started circulating a day after Microsoft issued a series of software patches as part of its regular security updates. Typically these updates are issued on the second Tuesday of every month. Security firms said the timing was deliberate as it gave the virus the longest chance to rack up victims before Microsoft gets round to closing the loophole. Microsoft said it was on target to release a patch to protect against the exploit on 8 August.So much for the practice of embedding Powerpoints as training snippets in control systems, eh?

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.