Microsoft’s “Security Response Center” today highlighted a new PowerPoint bug that affects all supported versions of the Windows operating system (save for Windows Server 2003). But fear not: Microsoft has a temporary solution to the problem.
“A cyberattacker could cause remote code execution if someone is tricked into opening a maliciously crafted PowerPoint document that contains an infected Object Linking and Embedding (OLE) file,” Tracey Pretorius, director of the response communications team, explained in a blog post today. An attacker can receive the same user rights as the person currently using the system, according to a summary of the issue.
Customers can use Microsoft’s fix-it option for a holdover until Microsoft releases an official patch, which will affect personal computer owners as well as companies that run Windows on the servers in their data centers.
“We continue to work on a security update to address this cyberattack,” Pretorius wrote. “We’re monitoring the threat landscape very closely and will continue to take appropriate action to help protect our global customers.”
The announcement follows a few recent Linux-related security vulnerabilities, including Poodle and Heartbleed.