The unpatched PowerPoint flaw is believed to allow hackers to run malicious code, such as a worm, on both Windows and Apple Mac computers.
"It has been a bad few weeks for Microsoft on the security front," said Graham Cluley, senior technology consultant at Sophos.
"First it had to deal with a zero-day vulnerability in the way its products handle VML, then it discovers yet another problem with PowerPoint files."
Sophos warned computer users to be extra cautious when opening unsolicited files. The vulnerability is believed to affect Microsoft PowerPoint 2000/2002/2003, Microsoft PowerPoint 2004 for Mac, and Microsoft PowerPoint V.X for Mac.
"Hackers are showing increasing ingenuity in their attempts to break into innocent users' computers, and are always on the hunt for exploitable bugs in commonly used programs," said Cluley.
"PowerPoint is the standard business tool for presentations, underlining that all computer users need to show great caution when handling unsolicited email attachments."
In a similar incident in July 2006, Chinese hackers exploited a different PowerPoint flaw in order to install a key-logging Trojan horse.
Commons Science and Technology Committee calls for new post-Brexit skilled-workers immigration system
Committee calls for visa-free travel and permit-free work for skilled workers
Eleven 'normal' outer moons, and one described as 'oddball' found circling Jupiter
Scientific discovery has found a quadrillion tonnes of diamonds in the earth's mantle
Mobile payment app makes users' details public by default