Article ID: 268477 - View products that this article applies to.
This article was previously published under Q268477
This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released an update that eliminates a security vulnerability in Microsoft PowerPoint 97. Microsoft recommends that all users of PowerPoint 97 consider installing the PowerPoint 97 Add-In Security Update.
This vulnerability could allow a malicious Web site operator to save a file to a visitor's local hard disk without the visitor's knowledge. The file could then be used to execute various malicious tasks.
Product Versions AffectedAll versions of Microsoft PowerPoint 97 can potentially be exploited through this security threat.
Update AvailabilityTo obtain the PowerPoint 97 Add-In Security Update, please browse to the following Microsoft Web site and follow the download instructions:
http://www.microsoft.com/technet/security/bulletin/ms00-049.mspxNOTE: There is a separate update for Office 2000, both PowerPoint and Excel. For additional information about the update for Office 2000, PowerPoint and Excel, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/268457/EN-US/ )PPT2000: Update Available for HTML Script Vulnerability
How to Download and Install the UpdateBefore you begin the installation, you must shut down all running programs, including Microsoft Office, Microsoft Project, and the Microsoft Office Shortcut Bar.
How to Verify That the Update Is SuccessfulThe only changes made to Microsoft PowerPoint 97 are in the registry.
Files Contained in the PP97sec.exe DownloadIf you download PP97sec.exe and manually extract the files by using a command line similar to the following
C:\Downloads\PP97sec.exe /c /t:C:\PP97secthe following files will be listed in the C:\PP97sec folder:
Install.infFrequently asked questions and answers about this vulnerability and the update can be found at the following Microsoft Web site:
Article ID: 268477 - Last Review: October 20, 2013 - Revision: 2.4