The unpatched PowerPoint flaw is believed to allow hackers to run malicious code, such as a worm, on both Windows and Apple Mac computers.
"It has been a bad few weeks for Microsoft on the security front," said Graham Cluley, senior technology consultant at Sophos.
"First it had to deal with a zero-day vulnerability in the way its products handle VML, then it discovers yet another problem with PowerPoint files."
Sophos warned computer users to be extra cautious when opening unsolicited files. The vulnerability is believed to affect Microsoft PowerPoint 2000/2002/2003, Microsoft PowerPoint 2004 for Mac, and Microsoft PowerPoint V.X for Mac.
"Hackers are showing increasing ingenuity in their attempts to break into innocent users' computers, and are always on the hunt for exploitable bugs in commonly used programs," said Cluley.
"PowerPoint is the standard business tool for presentations, underlining that all computer users need to show great caution when handling unsolicited email attachments."
In a similar incident in July 2006, Chinese hackers exploited a different PowerPoint flaw in order to install a key-logging Trojan horse.
Facebook told by Brussels-based court to stop tracking non-users and to delete all data held on them
Supply chain and manufacturing experience could give Dyson an important edge
New VR Zone Portal arcades open in London and Tunbridge Wells
Systems-on-a-chip with integrated AI features could make voice and facial recognition