Apparently, hackers have discovered the security flaw in Microsoft Office Suite. They exploit this flaw by using Microsoft PowerPoint to attack Windows users and gain control of computer systems.
Microsoft stated on its website that some Microsoft PowerPoint users have experienced some attacks – in their words, “limited, targeted attacks”. If a hacker successfully manipulates the security flaw, they can gain control of the user’s system. This kind of control grants the hacker access to alter or delete data, install harmful programs (malware) and remotely execute codes.
All supported releases of Microsoft Windows are susceptible to such hacks as the hack manifests whenever a specially crafted Microsoft Office file that is infected with an OLE (object linking and embedding) object. An OLE object can be an Excel spreadsheet that’s placed in a Word document.
The good news is the attack can only be effective with user interaction which means you would have to consent to open the infected OLE file. If you want to download a PowerPoint file from the web, a prompt message would be displayed on your screen asking you for download permission. It’s ok to click yes the first time but be careful of multiple prompts as you could be granting access to an infected file. Microsoft suggests users avoid opening any PowerPoint files from an untrusted source.
This threat isn’t only for PowerPoint files as Microsoft says all Office file types are at risk of being infected with OLE objects. As Microsoft continues to investigate this security flaw, we expect a secutirty patch would be added to the next update or the release of an emergency update, based on the results of their findings.