Microsoft Dismisses PowerPoint Zero-Day Warning
The New Reality for Customer Engagement
Microsoft is pouring cold water on a warning from anti-virus vendor Trend Micro that a new PowerPoint zero-day attack is under way.
The Trend Micro warning, first issued Aug. 19, said that a specially crafted ".ppt" file was being used to exploit an undocumented PowerPoint vulnerability.
The Japanese anti-virus company said it received a sample of the file Aug. 17, less than two weeks after Microsoft shipped a security update to fix a PowerPoint flaw.
However, according to Stephen Toulouse, a program manager in the MSRC (Microsoft Security Response Center), the vulnerability has already been resolved by an update.
"Our initial investigation is that this is not a new zero-day at all," Toulouse said in an e-mail exchange with eWEEK.
The Trend Micro warning, which was posted without any communication with Microsoft, caught the MSRC off guard, Toulouse said.
"Usually, we receive communication from the [anti-virus] partners prior to going public so that we can confirm," he said.
In this case, Toulouse said the MSRC reached out to Trend Micro for a sample of the malware file to verify whether it was indeed exploiting an unpatched issue.
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...