14 DAY TRIAL // After a powerful spam campaign containing malicious Word documents has been spotted on the web, a new email attack based on PowerPoint slideshows targets our computers. JM Hipolito of Trend Micro wrote, a few days ago, that the TROJ_PPDROP.K Trojan horse was first detected in a spam message containing the PowerPoint slideshow named Merry Christmas.pps-1. In case the user is so na?ve to open the malicious attachment, the Trojan horse attempts to exploit an older Excel vulnerability. "It then extracts and executes another file, Merry Christmas.exe-1 - detected as BKDR_AGENT.ADGS", it is mentioned in the message posted by the Trend Micro official.
And that's not all. The backdoor then attempts to inject a piece of a malicious code into Outlook Express, in order to steal usernames, passwords and other credentials and send them to the attacker's email address.
Several security measures must be applied to be sure that nobody ever manages to get into your computer. First of all, you're advised to apply the latest patches, fixes and updates for your operating system (Windows in our case). In addition, you should also get the newest updates for Microsoft Office and all its utilities, including Word, PowerPoint and Excel, the three applications involved into the attacks.
Just like usual, the antivirus must be enabled and updated with the latest virus definitions released by its vendor. Also, a firewall would be a great solution to block the sending of the information in case the backdoor manages to steal your usernames and passwords.
And just like the Trend Micro official advised, "it is always a good idea to be cautious handling any unsolicited mail and their associated attachments."
In case you don't have a security application installed on your computer, but you're currently looking for one, you can try the software listed on Softpedia available here.