Article ID: 268477 - Last Review: July 19, 2007 - Revision: 2.4

PPT97: Update Available for HTML Script Vulnerability

Retired KB ArticleRetired KB Content Disclaimer
View products that this article applies to.
This article was previously published under Q268477

On This Page

Expand all | Collapse all

SUMMARY

Microsoft has released an update that eliminates a security vulnerability in Microsoft PowerPoint 97. Microsoft recommends that all users of PowerPoint 97 consider installing the PowerPoint 97 Add-In Security Update.

This vulnerability could allow a malicious Web site operator to save a file to a visitor's local hard disk without the visitor's knowledge. The file could then be used to execute various malicious tasks.

Product Versions Affected

All versions of Microsoft PowerPoint 97 can potentially be exploited through this security threat.

Update Availability

To obtain the PowerPoint 97 Add-In Security Update, please browse to the following Microsoft Web site and follow the download instructions:
http://www.microsoft.com/technet/security/bulletin/ms00-049.mspx (http://www.microsoft.com/technet/security/bulletin/ms00-049.mspx)
NOTE: There is a separate update for Office 2000, both PowerPoint and Excel. For additional information about the update for Office 2000, PowerPoint and Excel, click the article number below to view the article in the Microsoft Knowledge Base:
268457  (http://support.microsoft.com/kb/268457/EN-US/ ) PPT2000: Update Available for HTML Script Vulnerability
Back to the top

MORE INFORMATION

How to Download and Install the Update

Before you begin the installation, you must shut down all running programs, including Microsoft Office, Microsoft Project, and the Microsoft Office Shortcut Bar.
  1. Point your Web browser to the following Web site:

    http://office.microsoft.com/downloads/9798/Ppt97sec.aspx (http://office.microsoft.com/downloads/9798/Ppt97sec.aspx)
  2. Click Download Now!. Click Save this program to disk, and then click OK.
  3. Click Save to save the PPt97sec.exe file in the selected folder.
  4. In Windows Explorer, double-click PPt97sec.exe.
  5. Click Yes when you are asked whether you want to continue installing this update.
  6. Click Yes to accept the License Agreement.
  7. Click OK in the alert that indicates that the installation was successful.
IMPORTANT: After this update is applied, it cannot be uninstalled.
Back to the top

How to Verify That the Update Is Successful

The only changes made to Microsoft PowerPoint 97 are in the registry.

Files Contained in the PP97sec.exe Download

If you download PP97sec.exe and manually extract the files by using a command line similar to the following
C:\Downloads\PP97sec.exe /c /t:C:\PP97sec
the following files will be listed in the C:\PP97sec folder:
Install.inf
Readme.txt
Advpack.dll
W95inf32.dll
W95inf16.dll
Frequently asked questions and answers about this vulnerability and the update can be found at the following Microsoft Web site:
http://www.microsoft.com/technet/security/bulletin/ms00-049.asp (http://www.microsoft.com/technet/security/bulletin/ms00-049.asp)
Back to the top
APPLIES TO
  • Microsoft PowerPoint 97 Standard Edition
Back to the top
Keywords: 
kbdownload kbfaq kbfix kbinfo KB268477
Back to the top
Retired KB ArticleRetired KB Content Disclaimer
This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.
Back to the top
 

Get Help Now

Contact a support professional by E-mail, Online, or Phone

Article Translations