Home > Security Channel News > More attacks on PowerPoint, IE
Security Channel News:
EMAIL THIS

More attacks on PowerPoint, IE

By Kevin Fogarty
29 Sep 2006 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Just a day after Microsoft rushed out the fix for a flaw in the Vector Markup Language implementation in Internet Explorer, it's having to confirm a new zero-day attack on PowerPoint and exploits targeting IT.

The PowerPoint attack relies on an end user opening a malicious file provided through email or other methods. The flaw comes from the way PowerPoint handles malformed documents.

Until it's patched, Microsoft suggests customers use PowerPoint Viewer 2003, which doesn't contain the flaw, to view documents, and not opening documents from untrusted sources.

The Internet Explorer flaw "is caused due to an integer overflow error in the 'setSlice()' method in the 'WebViewFolderIcon' ActiveX control," according to an advisory from the Danish security-information clearinghouse Secunia. "This can be exploited to corrupt memory when visiting a malicious Web site."

To read the original version of this story, visit SearchSecurity.com.



Tags: Daily or WeeklyHeadlinesVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Daily or Weekly
Microsoft to release 11 new security fixes on Patch Tuesday
Microsoft breaks schedule for early IE patch
Apple defends wireless security; flaws crop up anyway
ZERT rekindles third-party patching debate
Dell, Symantec simplify Secure Exchange for SMBs
Burton Group: Web application firewall market maturing
Fending off an Active Directory attack
Security Blog Log: The new clearinghouse for flaws
NAC, VPNs and behavior analysis in the Interop spotlight
Change control helps IT deal with changing threats

Headlines
Microsoft to release 11 new security fixes on Patch Tuesday
Is a partnership certification worth the money? Part III -- security

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary

HomeNewsTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2006 - 2009, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts