Skip to main content [aditude-amp id="stickyleaderboard" targeting='{"env":"staging","page_type":"article","post_id":1583905,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,cloud,enterprise,security,","session":"D"}']

Microsoft identifies PowerPoint security flaw that leaves all Windows versions vulnerable

A display at a Microsoft Windows press event in San Francisco on Sept. 30.

Image Credit: Jordan Novet/VentureBeat

Microsoft’s “Security Response Center” today highlighted a new PowerPoint bug that affects all supported versions of the Windows operating system (save for Windows Server 2003). But fear not: Microsoft has a temporary solution to the problem.

“A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously crafted PowerPoint document that contains an infected Object Linking and Embedding (OLE) file,” Tracey Pretorius, director of the response communications team, explained in a blog post today. An attacker can receive the same user rights as the person currently using the system, according to a summary of the issue.

[aditude-amp id="flyingcarpet" targeting='{"env":"staging","page_type":"article","post_id":1583905,"post_type":"story","post_chan":"none","tags":null,"ai":false,"category":"none","all_categories":"business,cloud,enterprise,security,","session":"D"}']

Customers can use Microsoft’s fix-it option for a holdover until Microsoft releases an official patch, which will affect personal computer owners as well as companies that run Windows on the servers in their data centers.

“We continue to work on a security update to address this cyberattack,” Pretorius wrote. “We’re monitoring the threat landscape very closely and will continue to take appropriate action to help protect our global customers.”

AI Weekly

The must-read newsletter for AI and Big Data industry written by Khari Johnson, Kyle Wiggers, and Seth Colaner.

Included with VentureBeat Insider and VentureBeat VIP memberships.

The announcement follows a few recent Linux-related security vulnerabilities, including Poodle and Heartbleed.

VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn More