Fortinet, provider of multi-threat security solutions, announced that its security research team was key in discovering the latest Microsoft critical vulnerability, CVE-2006-0022, which impacts users of several versions of Microsoft PowerPoint. The vulnerability allows attackers to execute arbitrary code via a Microsoft PowerPoint document and let the attacker take full control of the client workstation. The attacker could then download and install further malicious code and access private user information.

The vulnerability affects users of the following software: Microsoft Office 2000 Service Pack 3, Microsoft PowerPoint 2000, Microsoft Office XP Service Pack 3, Microsoft PowerPoint 2002, Microsoft Office 2003 Service Pack 1 or Service Pack 2, Microsoft PowerPoint 2003, Microsoft Office 2004 for Mac, Microsoft PowerPoint 2004 for Mac, Microsoft Office v. X for Mac, Microsoft PowerPoint v. X for Mac, Microsoft PowerPoint users should immediately apply the update provided by Microsoft.

According to the company, all FortiGate systems in production worldwide are kept up to date automatically by Fortinet's FortiGuardNetwork, which provides continuous updates that ensure protection against the latest threats around the clock and around the world. Fortinet's security research team was, critical in discovering this vulnerability, as noted in the Microsoft Security Bulletin (http://www.microsoft.com/technet/security/Bulletin/MS06-028.mspx).

Page(s)   1