Enter The Dark World ..!

Microsoft PowerPoint Vulnerable to Zero Day Attack

Microsoft PowerPoint Vulnerable to Zero Day Attack

Oct 24, 2014

It seems that there is no end to the Windows zero day attack, as recently Microsoft patched three zero-day vulnerabilities in Windows which were actively exploited in the wild by hackers, and now a new Zero-day vulnerability has been disclosed affecting all supported releases of Windows operating system, excluding Windows Server 2003.
Microsoft has issued a temporary security fix for the flaw and also confirmed that the zero-day flaw is being actively exploited by the hackers through limited, targeted attacks using malicious Microsoft PowerPoint documents sent as email attachments.

By gaining same rights as a logged-in user, an attacker could infect victim’s computer by installing other malicious programs on it. According to the software giant, some attacks that compromise accounts without administrator rights may pose less of a risk.
Microsoft has released a Fix it “OLE packager Shim Workaround” which will stop the known PowerPoint attacks. But it is not capable to stop other attacks that might be built to exploit this vulnerability. Also, the Fix it is not available for 64-bit editions of PowerPoint on x64-based editions of Windows 8 and Windows 8.1.
Meanwhile, Microsoft also urged Windows users to pay attention to the User Account Control (UAC) prompt, a pop-up alerts that require authorization before the OS is allowed to perform various tasks, which would warn a user once the exploit starts to trigger – asking permission to execute. But, users many times see it as an inconvenience and many habitually click through without a second thought.

Furthermore, Redmond didn’t mention an out-of-band patch for the Zero-Day vulnerability, nor did it mention if a patch would be ready by November Security Patch update.
Earlier this month, Microsoft released eight security bulletins, as part of its monthly patch update, fixing three zero-day flaws at the same time. One of which (CVE-2014-4114) was discovered by iSight partners in all supported versions of Microsoft Windows and Windows Server 2008 and 2012 that was being exploited in the “Sandworm” cyberattack to penetrate major corporations’ networks.


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>