PowerPoint exploit makes Windows vulnerable to cyber attacks

mahit26@gmail.com' By: Sean Jeffries
2 minute read
powerpoint vulnerability

Attackers are often in search of vulnerabilities through which they can exploit the machine and install malware. This time around a vulnerability in the Windows Object Linking Embedding (OLE) is being exploited via the Microsoft PowerPoint by the attackers.

 

As per a report from security firm Trend Micro the most common type of interface that is used to exploit the vulnerability is the use of Rich Text File. All of this is done by wearing a masquerade of PowerPoint slideshows. The modus operandi is however pretty typical, an email containing an attachment is sent. Content in the email is readied in such a way that it gains the immediate attention of the recipient and also maximises the chances of a response.

Apparently, the attached document is a PPSX file which is a file format associated with the PowerPoint. This format only offers playback of the slide but the edit options are locked out. In case the file is opened it will just display the following text, ‘CVE-2017-8570. (Another vulnerability for Microsoft Office.)’.

In reality, opening the file will trigger an exploit for another vulnerability named CVE-2017-0199 and then it will offload the malicious code via the PowerPoint animations. Eventually, a file called logo.doc will be downloaded. The document is made up of an XML file with JavaScript code which is used to run a PowerShell command and download the malicious program called ‘RATMAN.exe.’ which is a remote access Trojan referred to as .

The Trojan can record keystrokes, capture screenshots, record videos and also download other malware. In essence, the attacker will be in full control of your computer and can literally cause severe damage by stealing all your information including banking passwords. The use of PowerPoint file is a clever touch since the anti virus engine will be searching for RTF file.

All said and done, Microsoft has already patched the vulnerability way back in April and this is one of the reasons why we suggest folks to keep their PC’s updated. Yet another quintessential tip is to avoid downloading attachments from unknown sources, just don’t do it.

RELATED STORIES YOU NEED TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading

Discussions