Microsoft warned about a new computer virus that exploits a vulnerability in its PowerPoint presentation software to allow hackers to infiltrate computer systems
Microsoft issued an advisory on the company's security Web log on July 17 about the
virus, which is carried out when a user launches a PowerPoint attachment to an e-mail or
opens a file provided to them by the attacker.
Hackers could also lure users to a Web page that offers content or advertisements
containing a file that exploits the PowerPoint software, Microsoft said. The
vulnerability applies to PowerPoint 2000, 2002 and 2003.
Once the user triggers the corrupt PowerPoint file, the virus installs a keystroke
logging system to capture everything typed on the machine. It also leaves the machine
open to having a hacker install other malicious programs.
"It installs a backdoor and allows for all types of software to be downloaded on the
computer and the computer can be remotely controlled," said Alfred Huger, a security
expert at Symantec Corp.
Microsoft said it was completing development of a security update to fix the
vulnerability and was on schedule to release the patch on August 8, or sooner, as part
of a monthly security update. The company reported a "limited" number of attacks.