Microsoft Security Advisory: Vulnerability in PowerPoint could allow remote code execution

Support for Office 2003 has ended

Microsoft ended support for Office 2003 on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

This article has been archived. It is offered "as is" and will no longer be updated.
Microsoft is investigating new public reports of limited “zero-day” attacks that use a vulnerability in Microsoft PowerPoint 2000, Microsoft PowerPoint 2002 and Microsoft Office PowerPoint 2003.

For this attack to be carried out, a user must first open a malicious PowerPoint file. This PowerPoint file is attached to an e-mail message or is otherwise provided to the user by an attacker.

Microsoft has released a security advisory about this issue for IT professionals. This security advisory also contains additional security-related information. To view this security advisory, visit the following Microsoft Web site:
security bug flaw vulnerability malicious attacker exploit registry unauthenticated buffer overrun overflow specially-formed scope specially-crafted denial of service
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.
Properties

Article ID: 925984 - Last Review: 01/16/2015 09:28:15 - Revision: 1.0

  • Microsoft Office PowerPoint 2003
  • Microsoft PowerPoint 2002 Standard Edition
  • Microsoft PowerPoint 2000 Standard Edition
  • kbnosurvey kbarchive kbtshoot kbsecurity kbsecvulnerability KB925984
Feedback