Watch on Demand: Attack Surface Management Summit | All Sessions Now Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Malicious PowerPoint File Targeting Flash Player Vulnerability

Researchers at Trend Micro have discovered a malicious PowerPoint file circulating via email, which if executed, installs a backdoor on the victim’s system. The backdoor is made possible thanks to a vulnerability in Flash Player. The good news, however, is that the vulnerability itself has long since been patched, and malicious attachments are easy to avoid.

Researchers at Trend Micro have discovered a malicious PowerPoint file circulating via email, which if executed, installs a backdoor on the victim’s system. The backdoor is made possible thanks to a vulnerability in Flash Player. The good news, however, is that the vulnerability itself has long since been patched, and malicious attachments are easy to avoid.

“Recent threats are no longer limited to malicious files disguised as ordinary binaries (such as .EXE file) attached to emails. These specially crafted files can be embedded in commonly used files such as PDF, DOC, PPT or XLS files,” Trend researcher, Cris Pantanilla, wrote in a recent blog.

Trend MicroThe malicious PowerPoint arrives via email, and if it is opened, it will display a legitimate looking document. However, while the false presentation is shown, code within the file itself attempts to exploit an Adobe Flash Player vulnerability from 2011.

If successful, the victim’s system is exposed to additional malware, as the vulnerability allows for remote code execution.

“…cybercriminals are continuously taking advantage of previously reported vulnerabilities in popular software such as MS Office applications, Flash etc….exploits created for reliable vulnerabilities remain effective cybercriminal tools…[as] most users do not regularly update their systems’ with the latest security patch, which explains why attackers are continuously exploiting these bugs,” Pantanilla added.

In the end, he concluded, system patching and caution when dealing with file attachments from unknown sources will prevent this basic level of attack.

Trend Micro detects the malicious PowerPoint file as TROJ_PPDROP.EVL and the backdoor file as BKDR_SIMBOT.EVL. More information is available here

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Bob Turner has been named CISO at Penn State University.

V2X has appointed Christopher Carter as CISO.

Andrew McLaughlin has been appointed Chief Operating Officer at SandboxAQ.

More People On The Move

Expert Insights