Microsoft is readying a fix for a zero-day flaw in PowerPoint that is being exploited in targeted cyberattacks, the company said Monday.
A patch is being completed and is scheduled to be released on Aug. 8, Microsoft's next "Patch Tuesday," the company said in a security advisory. The fix may be released sooner, if that is warranted, Microsoft said.
"In order for this attack to be carried out, a user must first open a malicious PowerPoint document attached to an e-mail or otherwise provided to them by an attacker," Microsoft said in its advisory.
The vulnerability affects PowerPoint 2000, PowerPoint 2002 and PowerPoint 2003. Attacks that exploit the flaw in the presentation application are "limited," Microsoft said. Typically, they have to be widespread for the company to issue a patch outside of its monthly schedule.
Some security experts believe the timing of an attack to follow right after a monthly patch day is no coincidence. Microsoft typically does not release fixes outside of its monthly patching cycle for such flaws, giving miscreants at least a month to try to profit from them.
patch before Aug 8 if warranted, MS has a warranty?
Since when does Microsoft have any action or plan to cover the use or performance of their products, that would be called a Warranty, and the EULA expressly forbids them from offering to "care" what their users really need. So in the meantime, OpenOffice.org is looking pretty busy these days, so there's hope for a mass exodus of MS customers who suddenly "got smart" and searched for a better People Powered way to work.
patch before Aug 8 if warranted, MS has a warranty?
Since when does Microsoft have any action or plan to cover the use or performance of their products, that would be called a Warranty, and the EULA expressly forbids them from offering to "care" what their users really need. So in the meantime, OpenOffice.org is looking pretty busy these days, so there's hope for a mass exodus of MS customers who suddenly "got smart" and searched for a better People Powered way to work.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
Whether Apple will release a new iPad next month doesn't seem to be the question as much as what day it will happen. A new rumor has it down to the day.
Tommy Jordan, the man who shot his daughter's laptop for YouTube, gets a visit from police and child protection services. Oh, and Good Morning America.
Along with green-lighting Google's buy of Motorola, the Justice Department today OKs an Apple-Microsoft-RIM partnership deal to buy Nortel patents, and Apple's plan to acquire Novell patents.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
"Never Stop Playing" campaign for upcoming portable marks Sony's largest platform launch marketing spend, with ads to reach YouTube, Facebook, TV, and billboards in major cities.
As UC Berkeley students, the co-founders of "Back to the Roots" discovered they could grow mushrooms using recycled coffee grounds. Now their mushroom kit sells at grocery stores across the country.
or performance of their products, that would be called a Warranty,
and the EULA expressly forbids them from offering to "care" what
their users really need. So in the meantime, OpenOffice.org is
looking pretty busy these days, so there's hope for a mass exodus
of MS customers who suddenly "got smart" and searched for a
better People Powered way to work.
or performance of their products, that would be called a Warranty,
and the EULA expressly forbids them from offering to "care" what
their users really need. So in the meantime, OpenOffice.org is
looking pretty busy these days, so there's hope for a mass exodus
of MS customers who suddenly "got smart" and searched for a
better People Powered way to work.
But lest we forget... there are still numerous products with numerous flaws still unpatched:
Per Secunia Advisories as of this date:
For WinXP Pro alone, there are currently, 28 out of 143 Secunia advisories, are marked as "Unpatched" in the Secunia database.
For WinXP Home alone, there are currently, 25 out of 128 Secunia advisories, are marked as "Unpatched" in the Secunia database.
For Win2000 Pro alone, there are currently, 18 out of 120 Secunia advisories, are marked as "Unpatched" in the Secunia database.
And many of these unpatched flaws have existed since 2002 or possibly even earlier.
Microsoft needs to get out from under the ball and get ON the ball patching <b>ALL</b> of these rediculously long pending flaws!!!