14 DAY TRIAL // So, here it is: yet another Windows infection that attempts to take advantage of a vulnerability discovered in one of the most popular Microsoft technologies: PowerPoint. In case you're currently using Microsoft PowerPoint and you didn't install the latest patches for the presentation tool, you may get your computer infected with TROJ_MULDROP.OE, a Trojan horse that affects most Windows versions, including 98 and XP. Security vendor Trend Micro set a medium damage potential as a successful exploitation of the PowerPoint flaw could allow an attacker to get complete control over the affected system.
The Trojan can easily reach your computer, if you visit an infected website. Moreover, some other malware may attempt to drop it on the system, so you should really keep your antivirus technology enabled and up-to-date with the latest virus definitions. "This specially-crafted .PPT file exploits a vulnerability in Microsoft PowerPoint in order to drop and execute an embedded .EXE file", Trend Micro wrote.
Looking on the Microsoft security advisory, I found out that the flaw was first published and updated in June 2006, so it's unlikely to find so many vulnerable users. Microsoft flagged the vulnerability as critical and urged the consumers to install the provided patches.
"If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of the client workstation. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights", Microsoft wrote.
The Redmond company said, at that time, that Microsoft Office 200 Service Pack 3 with Microsoft PowerPoint 2000, Microsoft Office XP Service Pack 3 with Microsoft PowerPoint 2002, Microsoft Office 2003 Service Pack 1 or Service Pack 2 with Microsoft PowerPoint 2003 and Microsoft Office 2004 for Mac are all affected by the vulnerability. The patches can be found on this page.