COMMAND

    PowerPoint

SYSTEMS AFFECTED

    Microsoft PowerPoint 2000

PROBLEM

    The following is based on an @stake Security Advisory Notification
    by Dave Aitel and Frank Swiderski.  Microsoft PowerPoint is a
    widely used application for Microsoft Windows that allows the user
    to create and view presentations.  Unfortunately, a malicious
    PowerPoint file can take control of the PowerPoint application
    itself, without a warning window being displayed to the viewer.

    Because Windows Internet Explorer trusts Microsoft PowerPoint,  it
    will  allow  a  PowerPoint  file  to  be  embedded  in a web page,
    automatically loading PowerPoint to parse it, and making the  user
    vulnerable to exploitation.   HTML-email, if enabled,  could be  a
    similar vector for attack.

    Exploitation of this vulnerability would give the attacker control
    over the machine on which PowerPoint is running, with the
    permissions of the user PowerPoint is running as.

    Advisory Reference:

        http://www.atstake.com/research/advisories/2001/a012301-1.txt

SOLUTION

    A  patch  is  available  to  fix  this vulnerability.  Please read
    Security Bulletin MS01-002 at:

        http://www.microsoft.com/technet/security/bulletin/ms01-002.asp

    for information on obtaining this patch.  Note that on January 22,
    Microsoft released the original version of the bulletin.  However,
    the originally released patch did not include the entirety of the
    fixes related to this vulnerability.  An updated patch has been
    made available that corrects the originally reported vulnerability.
    Customers who downloaded and installed the original patch should
    download and install the updated patch.