The unpatched PowerPoint flaw is believed to allow hackers to run malicious code, such as a worm, on both Windows and Apple Mac computers.
"It has been a bad few weeks for Microsoft on the security front," said Graham Cluley, senior technology consultant at Sophos.
"First it had to deal with a zero-day vulnerability in the way its products handle VML, then it discovers yet another problem with PowerPoint files."
Sophos warned computer users to be extra cautious when opening unsolicited files. The vulnerability is believed to affect Microsoft PowerPoint 2000/2002/2003, Microsoft PowerPoint 2004 for Mac, and Microsoft PowerPoint V.X for Mac.
"Hackers are showing increasing ingenuity in their attempts to break into innocent users' computers, and are always on the hunt for exploitable bugs in commonly used programs," said Cluley.
"PowerPoint is the standard business tool for presentations, underlining that all computer users need to show great caution when handling unsolicited email attachments."
In a similar incident in July 2006, Chinese hackers exploited a different PowerPoint flaw in order to install a key-logging Trojan horse.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago