0day this, 0day that, I've got the 0day blah's, and Microsoft Office 2000 PPT *DOES NOT*

Published: 2006-09-19
Last Updated: 2006-09-19 22:52:43 UTC
by William Salusky (Version: 2)
0 comment(s)
In today's storm of email announcing vulnerabilities (*Yes, pun intended*), we have received multiple forwards of a new Power Point vulnerability currently focused on the Chinese localization of the Microsoft Office 2000 product.  It is unconfirmed at this time whether later versions of Power Point are vulnerable.  There has been no notice disclosed regarding active exploit of other localized versions of Power Point, but safe money says that they are.  One AV vendor is classifying a discovered variant as "Trojan.PPDropper.E".  update: While earlier reports alluded to the possibility that this was a new null day exploit against PowerPoint, an AV vendor contact had written in to provide us with the notice that this vulnerability as disclosed elsewhere was likely not a zer* day vulnerability, and that further investigation was under way to confirm that this was addressed by updates in MS06-012.

Let me ask.  Do I even have to state the following among this readership?  Though it may be up to you to educate others.

* Don't open untrusted, unvetted or otherwise unexpected attachments. *  Especially not if they were found on a usb stick that was laying on the ground outside your office!

Personally, I have instructed my parents to stop using the internet altogether, since they seem unable to stop browsing strange websites and opening attachments from strange sources. </sarcasm>

Have I mentioned that I'm tired of using terms that have lost their meaning?

0day it to the front, uh-uh-uh
0day it to the back,  uh-uh-uh
0day to the right, 0day to the left
0day it up, up all night, uh-uh-uh 
</REALLY /sarcasm>
Handler on Duty (who solemnly swears NEVER to use the term '0day' ever again)

0 comment(s)


Diary Archives