MS06-010: Vulnerability in PowerPoint 2000 could allow information disclosure

This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft has released security bulletin MS06-010. The security bulletin contains all the relevant information about the security update for Microsoft PowerPoint 2000. This includes file manifest information and deployment options. To view the security bulletin, visit one of the following Microsoft Web sites:

List of issues that the security update fixes

Besides the issues that are described in the security bulletin, the security update for Microsoft PowerPoint 2000 (KB889167) fixes the issues that are described in the following Microsoft Knowledge Base articles:
241277 FIX: The "Show on" secondary monitor slide show setting is not saved in PowerPoint 2000
324782 Changes made to presentation are lost when you open the document by using SharePoint Portal Server
327042 File name extensions are missing when you send your presentation as an e-mail attachment if you use ODMA
327044 F12 does not open the Save As dialog box when presentation is opened in Web browser
810557 The last character in a text box does not appear in a presentation in PowerPoint 2000
813802 Error message: "PowerPoint found an error it cannot correct. You should save your presentation"
814138 Error message if your macro uses the SaveAs command
823331 PowerPoint 2000 post-Service Pack 3 hotfix package: July 7, 2003
827988 PowerPoint 2000 post-Service Pack 3 hotfix package: September 30, 2003
830008 PowerPoint 2000 post-Service Pack 3 hotfix package: October 20, 2003
830811 PowerPoint 2000 Post-Service Pack 3 hotfix package: November 5, 2003
842313 Description of the PowerPoint 2000 post-Service Pack 3 hotfix package: May 19, 2004
842785 Description of the PowerPoint 2000 post-Service Pack 3 hotfix package: June 4, 2004
After you install this security update, you will receive the following message when you open a PowerPoint presentation on a Web site:
Opening 'path/file_name'. Some files can contain viruses or otherwise be harmful to your computer. It is important to be certain that this file is from a trustworthy source. Would you like to open this file?
This message appears only when you view presentations from the Internet. This message should not appear when you open a presentation that is on the local computer.

Note This behavior change is documented in the bulletin that is found on the following Microsoft Web site: What does the update do?The update modifies PowerPoint so that PowerPoint warns you that a presentation may be unsafe when you click a presentation on a Web site. You may then cancel the action of opening the presentation.

Removal information

After you install the security update for PowerPoint 2000 (KB889167), you cannot remove the update. To revert to an earlier installation of PowerPoint 2000, you must remove PowerPoint 2000 and then reinstall it from the original installation disk.
powerpoint2000 powerpoint2k ppt2000 ppt2k update security_patch security_update security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service DoS

Article ID: 889167 - Last Review: 10/27/2013 06:46:33 - Revision: 2.3

  • Microsoft PowerPoint 2000 Standard Edition
  • kbnosurvey kbarchive kbpubtypekc kbbug kbsecvulnerability kbsecbulletin kbsecurity kbqfe kbexpertisebeginner kbfix kbupdate kbdownload atdownload KB889167