Skip to content

Powerpoint 2003 security problem

It’s becoming a habit, as soon as Microsoft releases the monthly lump of patches, the baddies reveal yet more holes in Windows or Office.

It’s becoming a habit, as soon as Microsoft releases the monthly lump of patches, the baddies reveal yet more holes in Windows or Office. There’s no rest for the security and patching people at Microsoft.

So far Microsoft and their customers have been lucky. The exploits released just after Microsoft’s monthly security patches have not spread far or have stayed mostly theoretical. We can only hope that our luck holds.

This month’s security alert is a PowerPoint problem – nothing unusual or special – if you take the usual precautions (see below) there won’t be a problem.

It’s been wrongly called a ‘virus’ but strictly speaking it is not. Like many of the recent security alerts it is a bug in Office which allows a document to run programs on your computer without your knowledge or permission. You need to open the Office document (in this case an PPT file) so that the specially changed file can run some type of malware on your computer.

In this case a nasty PPT file needs to be opened by Powerpoint 2002, Powerpoint 2002 (XP) and Powerpoint 2003 in order to infect your computer. The free Powerpoint 2003 viewer software is not affected.

Microsoft often makes the point that you need to be logged in with Administrator access for many of these attacks to succeed. While that’s strictly true, it’s usually necessary for most people to have Administrator level access in order to use their systems effectively. This won’t really changed until Windows Vista is available.

Until Microsoft releases a patch you’ll need to be careful about any Powerpoint document you receive. Since email senders can be faked, the advice to avoid attachments from unknown sources isn’t foolproof.

The details, such as they are, are on the Microsoft website here – we’ll have to wait for the August patch release for a fix unless events overtake that schedule in the meantime.

 

About this author