Microsoft Security Advisory 969136

Bill here,


I wanted to let you know that we have just posted Microsoft Security Advisory (969136).


This advisory contains information regarding public reports of a vulnerability in Microsoft Office PowerPoint that could allow for remote code execution if a user opens a specially crafted PowerPoint file.


At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. If you suspect that you were target for such an attack, you can scan your computer with the Windows Live OneCare safety scanner. The malicious PPT files are detected as Exploit:Win32/Apptom.gen. Microsoft will take the appropriate action to protect our customers, which may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs.


Products affected are Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3, Microsoft Office PowerPoint 2003 Service Pack 3, and Microsoft Office 2004 for Mac. Microsoft Office PowerPoint 2007 is not affected.


The advisory contains guidance and workarounds that customers can use to help protect themselves. We will continue to monitor the situation and post updates to the advisory and the MSRC Blog as we become aware of any important new information.

To better help in understanding the issue, Microsoft security experts have provided additional technical details on the Microsoft Security Research & Defense blog and the Microsoft Malware Protection Center team blog.

We have activated our Software Security Incident Response Process (SSIRP) and we are continuing to investigate this issue.  In addition, we are actively working with partners in the Microsoft Active Protections Program (MAPP) and the Microsoft Security Response Alliance (MSRA) program to provide information that they can use to provide broader protections to customers. 

Bill Sisk

 *This posting is provided “AS IS” with no warranties, and confers no rights.*


April 3rd change: added Microsoft Office 2004 for Mac as affected product