Microsoft Dismisses PowerPoint Zero-Day Warning
Microsoft is pouring cold water on a warning from anti-virus vendor Trend Micro that a new PowerPoint zero-day attack is under way.
The Trend Micro warning, first issued Aug. 19, said that a specially crafted ".ppt" file was being used to exploit an undocumented PowerPoint vulnerability.
The Japanese anti-virus company said it received a sample of the file Aug. 17, less than two weeks after Microsoft shipped a security update to fix a PowerPoint flaw.
However, according to Stephen Toulouse, a program manager in the MSRC (Microsoft Security Response Center), the vulnerability has already been resolved by an update.
"Our initial investigation is that this is not a new zero-day at all," Toulouse said in an e-mail exchange with eWEEK.
The Trend Micro warning, which was posted without any communication with Microsoft, caught the MSRC off guard, Toulouse said.
"Usually, we receive communication from the [anti-virus] partners prior to going public so that we can confirm," he said.
In this case, Toulouse said the MSRC reached out to Trend Micro for a sample of the malware file to verify whether it was indeed exploiting an unpatched issue.
The Role of Standards in Cloud Security
Security is often cited as a primary cause for concern...Watch Now
Ensuring Resources for Mission Critical Workloads
Application workloads can thrive in cloud environments,...Watch Now
Improving Security in the Public Cloud
One of the main concerns about moving data to a public...Watch Now