[an error occurred while processing this directive]
BBC News
watch One-Minute World News
Last Updated: Thursday, 20 July 2006, 07:30 GMT 08:30 UK
Poisoned PowerPoint attacks users
Box shot of PowerPoint 2003, Microsoft
The booby-trapped file has been spammed out in e-mail
Microsoft is warning Windows users about a virus that takes over PCs via the popular PowerPoint program.

Attached to the virus is a poisoned presentation that, if opened, installs keylogging software on a computer.

Users are being told to take care because it could be weeks before Microsoft produces a patch that protects against the security loophole.

So far relatively few people are thought to have been caught out by the booby-trapped presentation.

Nasty bug

The bug that the malicious hackers behind the virus have exploited has been found in PowerPoint 2000, 2002 and 2003.

Security experts said the virus was aimed at companies in Asia because Chinese characters are used in the subject line of the e-mail the booby-trapped files are attached to and in name of the poisoned PowerPoint presentation.

The presentation purports to be 18 humorous slides about love between men and women.

The PowerPoint presentation is attached to an e-mail that arrives from a Google GMail address.

Anyone opening the PowerPoint file will trigger the virus that installs a keylogger that records everything typed on an infected machine. It also opens up a backdoor into that machine that the creators of the virus are likely to exploit to gather the recorded keystrokes or to install other malicious programs.

Chinese net cafe, AP
The virus is known to be hitting Windows users in Asia
Once a machine has been compromised the virus installs a blank version of the poisoned presentation to hide evidence that a computer has been taken over.

In an advisory about the exploit Microsoft said "limited" attacks were taking place using the bug and added: "In order for this attack to be carried out, a user must first open a malicious PowerPoint document attached to an e-mail or otherwise provided to them by an attacker."

The bug is known as a "zero-day" attack because it was exploited so soon after being discovered.

To protect themselves against hackers exploiting the bug, Microsoft warned users not to open or save PowerPoint files that turn up unexpectedly - even if they are from trusted sources.

PowerPoint has become widely used in businesses for presentations.

The virus bearing the booby-trapped PowerPoint files started circulating a day after Microsoft issued a series of software patches as part of its regular security updates. Typically these updates are issued on the second Tuesday of every month.

Security firms said the timing was deliberate as it gave the virus the longest chance to rack up victims before Microsoft gets round to closing the loophole.

Microsoft said it was on target to release a patch to protect against the exploit on 8 August.


SEE ALSO
Criminals exploit net phone calls
18 Jul 06 |  Technology
Threats prompt Mac switch advice
06 Jul 06 |  Technology
When paper clips attack
18 May 00 |  Science/Nature
Anti-piracy tool confuses users
04 Jul 06 |  Technology
Nude worm tempts World Cup fans
21 Jun 06 |  Technology
Windows gets big security update
13 Jun 06 |  Technology

RELATED INTERNET LINKS
The BBC is not responsible for the content of external internet sites



FEATURES, VIEWS, ANALYSIS
Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit

PRODUCTS & SERVICES

Americas Africa Europe Middle East South Asia Asia Pacific