<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcsuuvfw300000gkyg9tnx0uc_3f7v/njs.gif?dcsuri=/index.php/c/a/Past-News/Microsoft-Dismisses-PowerPoint-ZeroDay-Warning&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.cioinsight.com&amp;WT.qs_dlk=XOvWL8aOk03dja3ECndUsAAAAAM&amp;">
 

Microsoft Dismisses PowerPoint Zero-Day Warning

By Ryan Naraine  |  Posted 08-21-2006 Print
Microsoft is pouring cold water on a warning from anti-virus vendor Trend Micro that a new PowerPoint zero-day attack is under way.

Microsoft is pouring cold water on a warning from anti-virus vendor Trend Micro that a new PowerPoint zero-day attack is under way.

The Trend Micro warning, first issued Aug. 19, said that a specially crafted ".ppt" file was being used to exploit an undocumented PowerPoint vulnerability.

The Japanese anti-virus company said it received a sample of the file Aug. 17, less than two weeks after Microsoft shipped a security update to fix a PowerPoint flaw.

However, according to Stephen Toulouse, a program manager in the MSRC (Microsoft Security Response Center), the vulnerability has already been resolved by an update.

"Our initial investigation is that this is not a new zero-day at all," Toulouse said in an e-mail exchange with eWEEK.

Click here to read more about a recent PowerPoint zero-day attack.

The Trend Micro warning, which was posted without any communication with Microsoft, caught the MSRC off guard, Toulouse said.

"Usually, we receive communication from the [anti-virus] partners prior to going public so that we can confirm," he said.

In this case, Toulouse said the MSRC reached out to Trend Micro for a sample of the malware file to verify whether it was indeed exploiting an unpatched issue.



 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.