Sample attack code that exploits the vulnerability has already been released on the Internet, a Microsoft representative wrote on a corporate blog late last week. Use of the code in an attack could cause a complete system compromise, according to Microsoft.
"The reported proof of concept may allow an attacker to execute code on a user's machine by convincing them to open a specially crafted PowerPoint file," wrote Alexandra Huft, a Microsoft Security Response representative. "We are not aware of any attacks attempting to use the reported vulnerability."
The flaw affects PowerPoint 2003, according to Microsoft. Security monitoring companies Secunia and the French Security Incident Response Team, or FrSIRT, also list earlier versions as vulnerable. FrSIRT deems the issue "critical," while Secunia rates it "highly critical."
"The vulnerability is caused (by) an unspecified error when processing PowerPoint presentations," Secunia wrote in an advisory. For protection, people should not open Office documents received from untrustworthy sources, FrSIRT advises.
Word of the new PowerPoint flaw came only days after Microsoft last weekfor Windows and Office. Several of the Office fixes were for flaws that also had previously been disclosed and some had been used in .
Miscreants are taunting Microsoft with zero-day code, or attack code released immediately after a flaw or patch is made public, experts have said. Some security watchers have started to coin the term "" to come after "Patch Tuesday," Microsoft's patch day on the second Tuesday of each month.