I don’t know about you but I’m starting to feel real insecure when I am using the Internet. The once glorious open pasture of consumable content and entertainment has become a huge metropolis of people trying to steal personal data. Gone are the days of hackers fooling you into downloading a program, nowadays they use sophisticated browser attacks, fake emails and the latest – presentations on PowerPoint!
Yes, you read that right. The latest target of hackers is exploiting a security flaw in Microsoft Office, and in particular found in the presentation program PowerPoint. Hackers are using this exploit to steal data and take over any compromised Windows machines.
Microsoft has confirmed the attacks in ‘limited’ numbers against PowerPoint presentations on their security advisory website. The hacker can take full control of the system once a document is opened containing a malicious object embedded in it. This is not limited to just PowerPoint, however it is thought to be more accepting to have object embedded into these files.
This can then be used to take full control of the computer and could affect all releases of Windows, except for Server 2003. The weak point (as is usually the case) being the end user in this attack, Office will prompt the user to download the information, however these prompts are so common as it appears that most users expect data to be embedded into PowerPoint slides more so than other Office programs.
How To Fix It?
Details are scarce on the release of a fix, but rest assured Microsoft will be working hard to fix such a major hole. In the meantime, they urge to not download Office files from untrusted sources. Microsoft has detailed a work around ‘for some scenarios’ until a more permanent fix is rolled out.
Have you been affected by the recent surge in security breaches either at home or in a retailer? How do you keep yourself safer online? Share some details to help others on social media or in the comments below.