Home > Security Channel News > More attacks on PowerPoint, IE
Security Channel News:
EMAIL THIS LICENSING & REPRINTS

More attacks on PowerPoint, IE

By Kevin Fogarty
29 Sep 2006 | SearchSecurity.com

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   

Just a day after Microsoft rushed out the fix for a flaw in the Vector Markup Language implementation in Internet Explorer, it's having to confirm a new zero-day attack on PowerPoint and exploits targeting IT.

The PowerPoint attack relies on an end user opening a malicious file provided through email or other methods. The flaw comes from the way PowerPoint handles malformed documents.

Until it's patched, Microsoft suggests customers use PowerPoint Viewer 2003, which doesn't contain the flaw, to view documents, and not opening documents from untrusted sources.

The Internet Explorer flaw "is caused due to an integer overflow error in the 'setSlice()' method in the 'WebViewFolderIcon' ActiveX control," according to an advisory from the Danish security-information clearinghouse Secunia. "This can be exploited to corrupt memory when visiting a malicious Web site."

To read the original version of this story, visit SearchSecurity.com.



Tags: Daily or WeeklyHeadlinesVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


HomeTopicsITKnowledge ExchangeTipsMultimediaWhite PapersBlogsEvents
About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
SEARCH 
TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Reprints  |  Site Map




All Rights Reserved, Copyright 2006 - 2008, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts