http://www.computerworld.com/article/2836722/microsoft-warns-of-windows-zero-day-hackers-serve-exploits-in-powerpoint-files.html
By Gregg Keizer
Computerworld
Oct 21, 2014
Microsoft on Tuesday warned Windows users that cyber criminals are
exploiting a zero-day vulnerability using malicious PowerPoint documents
sent as email attachments.
In an advisory, Microsoft outlined the bug and provided a one-click tool
from its "Fixit" line that customers can use to protect their PCs until a
patch is available.
Although Microsoft does not label its advisories with the same four-step
threat scoring system it uses for security updates, it said that a
successful exploit would let hackers hijack the PC so that they could, for
example, steal information or plant other malware on the machine.
The vulnerability affects all versions of Windows, from the aged Windows
Server 2003 to the very newest Windows 8.1, and is within the operating
system's code that handles OLE (object linking and embedding) objects. OLE
is most commonly used by Microsoft Office for embedding data from an Excel
spreadsheet in, say, a Word document.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
