PowerPoint vulnerability enables malware spreading

Network security

Researchers have discovered that cyber attackers are exploiting a vulnerability that allows them to elude antivirus software to deliver malware via Microsoft PowerPoint.

The flaw itself exists in the Windows Object Linking and Embedding (OLE) interface and attackers have previously used it to deliver infected Rich Text File (.RTF) documents. Trend Micro's researchers noticed that attackers have now infected PowerPoint files to deliver malicious code.

The attacks begin with a spear-phishing email with a message from a cable manufacturing provider. So far, those behind the recent attacks, have targeted organizations that operate in the electronics manufacturing industry with messages that appear to be sent from a business partner related to an order request.

The malicious PowerPoint file is attached to the email and tricks victims into thinking it contains shipping information. When opened, the file triggers an exploit for the CVE-2017-0199 vulnerability which then infects their system. The code is run using PowerPoint's show animations feature and this allows it to download a file logo document which then executes a file called 'RATMAN.EXE' via PowerShell.

This executable is merely a Trojanized version of the Remcos remote access tool that gives the attackers the ability to keylog, screenlog, tap into the systems microphone and webcam and even download and run other malware. The user's machine is then under complete control of the attacker often without them even noticing that their device has been compromised.

Microsoft did release patches back in April to address the vulnerability and it is recommended that all users fully update their systems and stay on the lookout for emails similar in nature to the ones used in these attacks.

Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.

Photo Credit: fotogestoeber/Shutterstock

Comments are closed.

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

Regional iGaming Content

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.