All the latest UK technology news, reviews and analysis

RSA 2009: Concern as Microsoft fails to patch PowerPoint flaw

by Iain Thomson

More from this author

22 Apr 2009

Be the first to comment

  • Tweet this
users
The PowerPoint attack uses images of naked swimmers to lure users

Security experts are expressing concern at Microsoft's failure to patch a flaw in PowerPoint that is already being exploited by malware writers.

Many were expecting a patch as part of the last Patch Tuesday but to date there has been no sign of the fix.

Further reading

“This PowerPoint exploit is in the wild right now,” said Graham Cluley, senior technology consultant at Sophos. “It comes in the form of a presentation showing naked Japanese girls bathing in rockpools, or as an IQ test, to lure the user in. We're hoping Microsoft will patch this soon.”

He said that so far the exploit was being used in a targeted fashion but there was serious concern that it would be spammed out as part of a botnet recruitment drive.

The issue comes as more and more security experts are expressing concern at the levels of application vulnerabilities and the lack of patching and updating.

“It's a problem for IT departments as they are often stretched for resources and there are many applications to patch,” said Niels Henrik Rasmussen, founder of vulnerability researcher Secunia.

He pointed out that both his own research and the latest Microsoft Security Intelligence Report showed that application flaws were becoming a more pressing security issue than operating system flaws.

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

Toy soldiers on keyboard representing cyber security

Boardroom gears up for cyber war

Related white papers

Related articles

Related jobs

Today's top stories

A Cisco logo on a building

Cisco asks EU to rethink approval for Microsoft's Skype buy

meg-whitman-hp-ceo-global-partner-conference1

HP plans to double R&D spend across all divisions

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 reporter Dan Worth

World-changing CERN experiments highlight humanity’s intrinsic curiosity

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Middleware Specialist - Connect Direct

A global consultancy is looking for a technical IT infrastructure...

External Technical Engineer, Rochdale

External Technical Engineer, Rochdale This Lancashire...

Contract Solaris Administrator - Sweden

Contract: L3 Solaris Administrator - Stockholm, Sweden...

C#/ VB.NET Senior Developer / Team Leader - Manchster to £45K

C# or VB.NET Senior Developer / Team Leader x 2- Manchester...

To send to more than one email address, simply separate each address with a comma.