Be careful with funny PowerPoint files

Microsoft has officially confirmed a new security bug discovered in MS PowerPoint and said it will release a patch on August 8.

In a warning report released yesterday (July 17), Microsoft warned users not to open or store Microsoft Office files of unknown origin.

Microsoft's warning was made when there were a number of user attacks through the exploitation of the above security vulnerability. However, Microsoft's warning came out a week late. Earlier, a security bug in PowerPoint has become a tool for cultivating a keylogger trojan that infects Windows systems.

" However, attacks can only happen if the user opens a malicious PowerPoint file sent with email or any other path ," Microsoft said. " So when there is no patch to fix, users should be cautious in opening or storing MS Office files ."

The attack through taking advantage of security flaws in PowerPoint launched just a day after Microsoft released the July security bulletin targeting Trojan.PPDropper.B trojan spreads via email sent to locations. Gmail only.

Security firm Sophos said the PowerPoint file that came with those emails showed a humorous philosophy about love between men and women. But it is in the file that conceals a trojan that, when infecting a user's system, will drop a keylogger Backdoor.Bifrose.E. This keylogger is controlled from a remote server. Its goal is to record all information entered from the keyboard and steal personal information of users.

The trojan will add a stream to the Explorer.exe process to overwrite the malicious PowerPoint file with another "clean" file - that is, not containing any malicious code. Anti-virus experts believe that this is a new solution to remove all traces to avoid the detection of security solutions.

Hoang Dung