Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Malicious PowerPoint File Targeting Flash Player Vulnerability

Researchers at Trend Micro have discovered a malicious PowerPoint file circulating via email, which if executed, installs a backdoor on the victim’s system. The backdoor is made possible thanks to a vulnerability in Flash Player. The good news, however, is that the vulnerability itself has long since been patched, and malicious attachments are easy to avoid.

Researchers at Trend Micro have discovered a malicious PowerPoint file circulating via email, which if executed, installs a backdoor on the victim’s system. The backdoor is made possible thanks to a vulnerability in Flash Player. The good news, however, is that the vulnerability itself has long since been patched, and malicious attachments are easy to avoid.

“Recent threats are no longer limited to malicious files disguised as ordinary binaries (such as .EXE file) attached to emails. These specially crafted files can be embedded in commonly used files such as PDF, DOC, PPT or XLS files,” Trend researcher, Cris Pantanilla, wrote in a recent blog.

Trend MicroThe malicious PowerPoint arrives via email, and if it is opened, it will display a legitimate looking document. However, while the false presentation is shown, code within the file itself attempts to exploit an Adobe Flash Player vulnerability from 2011.

If successful, the victim’s system is exposed to additional malware, as the vulnerability allows for remote code execution.

“…cybercriminals are continuously taking advantage of previously reported vulnerabilities in popular software such as MS Office applications, Flash etc….exploits created for reliable vulnerabilities remain effective cybercriminal tools…[as] most users do not regularly update their systems’ with the latest security patch, which explains why attackers are continuously exploiting these bugs,” Pantanilla added.

In the end, he concluded, system patching and caution when dealing with file attachments from unknown sources will prevent this basic level of attack.

Trend Micro detects the malicious PowerPoint file as TROJ_PPDROP.EVL and the backdoor file as BKDR_SIMBOT.EVL. More information is available here

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

IoT Security

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Email Security

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Vulnerabilities

A high-severity format string vulnerability in F5 BIG-IP can be exploited to cause a DoS condition and potentially execute arbitrary code.