Just days after patching four bugs in PowerPoint, Microsoft has warned of a new attack targeting its presentation software.
"We’ve been made aware of proof of concept code published publicly affecting Microsoft Office 2003 PowerPoint," wrote Microsoft security manager Alexandra Huft on a technical blog. "The reported proof of concept may allow an attacker to execute code on a user’s machine by convincing them to open a specially-crafted PowerPoint file."
Huft said that Microsoft is not aware of any attacks that take advantage of the bug, but with code now in circulation on public websites like Securitydot.net, the attack is easily available to attackers. Security vendor Secunia has rated the flaw as highly critical because it could be exploited to gain accessed to a fully patched Windows system.
The hole affects PowerPoint 2000, PowerPoint 2002 and PowerPoint 2003, as well as many versions of the Office suite, Secunia said.
Hackers have been keeping Microsoft's security team extremely busy over the past month, and Office in particular has been the focus of their efforts. Last week, Microsoft released the largest number of bug fixes in recent memory, patching 26 flaws in its Windows, Office and .Net framework products.