Fortinet Discovers Microsoft Office PowerPoint Vulnerability
Fortinet's FortiGuard Labs has discovered a DLL loading vulnerability in Microsoft Office PowerPoint, which allows a remote attacker to compromise a system through a malicious DLL.
Solutions
Users should apply the solution provided by Microsoft.
A remote code execution vulnerability exists in the way that Microsoft Office handles the loading of DLL files. An attacker who successfully exploits this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This vulnerability requires a user to open a document contained within the same working directory as a specially crafted DLL file. The specially crafted DLL will be loaded into memory giving the attacker control of the affected system in the security context of the logged-on user.
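A defender-side triage check for the precondition described above (a document sitting in the same directory as a DLL), added here as an example and not taken from Fortinet or Microsoft. The extension list, the function names and the sample file names are assumptions constructed for illustration; the advisory names neither the affected file types nor the DLL.

```python
import os
import tempfile

# Assumption: these extensions stand in for "a document" opened by PowerPoint;
# the advisory does not list affected file types or the DLL name.
DOC_EXTS = {".ppt", ".pptx", ".pps", ".ppsx", ".pot", ".potx"}


def find_colocated_dlls(root):
    """Return {directory: {"docs": [...], "dlls": [...]}} for every directory
    under root that holds both a presentation file and a DLL."""
    findings = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        docs, dlls = [], []
        for name in filenames:
            ext = os.path.splitext(name)[1].lower()  # match .DLL and .dll alike
            if ext in DOC_EXTS:
                docs.append(name)
            elif ext == ".dll":
                dlls.append(name)
        if docs and dlls:
            findings[dirpath] = {"docs": sorted(docs), "dlls": sorted(dlls)}
    return findings


def build_sample_tree(base):
    """Create a constructed sample layout (empty files) for the demo."""
    layout = {
        "downloads/shared": ["Q3-review.pptx", "helper.DLL", "notes.txt"],
        "documents/talks": ["keynote.ppt"],   # document only: not flagged
        "tools/bin": ["runtime.dll"],         # DLL only: not flagged
    }
    for rel, names in layout.items():
        path = os.path.join(base, *rel.split("/"))
        os.makedirs(path)
        for name in names:
            open(os.path.join(path, name), "w").close()
    return os.path.join(base, "downloads", "shared")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for directory, hit in find_colocated_dlls(tmp).items():
            print(f"{directory}: {hit['docs']} beside {hit['dlls']}")
```

A hit is a lead for review rather than proof of tampering, since legitimate software also ships DLLs; it is most useful on download folders, mail attachment caches and shared drives where presentations arrive from outside.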
Haifei Li of Fortinet's FortiGuard Labs