PowerPoint is attacked by trojans

Security vendor VeriSign iDefense warns users to be wary of PowerPoint files that falsify Christmas wishes, because it could be a malicious presentation file containing dangerous trojans.

Hidden behind a PowerPoint file that doesn't seem to be dangerous " Christmas + Blessing-4.ppt " attached to unidentified emails is malicious code that attacks Microsoft application security bugs.

" Alarmingly, such files are often very widespread. Most anti-virus software doesn't detect the attached malware ," Dunham warns.

Another factor that made the attack more dangerous " Christmas + Blessing-4 " has some similarities to the attack on Office that took place in May and June last. The target is mainly businesses.

The difference is that Christmas + Blessing-4 does not attack an unpatched security bug in PowerPoint. " If the system has installed the full patch then Christmas + Blessing-4 bundles, " said Dunham.

If the system is not patched yet and the user opens the Christmas + Blessing-4 file, their system will be infected with the Hupigon trojan. The trojan will then download some more malicious code.

Although Office attackers have a relatively limited scope of influence, they don't reduce their threat level. Mr. Dunham warned that day-to-day attacks would become a concern next year.

IDefense said that the attack was also sourced from China, similar to the Office attack last summer. Dunham calls these attackers "employees". " They get a lot of money for organizing attacks like this ."

Dunham recommends that users should quickly install Microsoft Office patches as soon as possible.

Hoang Dung