Download our in-depth report: The Ultimate Guide to IT Security VendorsVirus writers seem to be making the rounds of the Office applications. Word and Excel have both been hit with exploits, and now PowerPoint is the target of a zero-day vulnerability, although it uses the same modus operandi as so many other viruses.
Symantec's virus hunters have dubbed the virus Trojan.PPDropper.B, while other antivirus makers are likely dissecting it as well. It follows a well-worn pattern: an email arrives from an unknown source, in this case from a Gmail account, and has a PowerPoint file attached. The email has Chinese characters in it, which would indicate its origins are in Asia.
Once again, it counts on the end user to be dumb enough to open an attachment from an unknown source. Should you be that dumb, it executes a variant of a known keystroke logger that is used to steal personal information and send it back to a remote server. The virus then overwrites the malicious PowerPoint file with a new clean copy of the document to cover its tracks.
More disturbing than the virus is the pattern it follows. For the second time in as many months, this virus comes within days of Microsoft's (Quote, Chart) monthly patch releases. Last month, a zero-day Excel exploit hit the Internet just one day after the monthly patch release.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i This article was first published on InternetNews.com. To read the full article, click here.