PowerPoint zero-day attack compromises data in infected Windows PCs; Mac OS X unaffected

“A second Trojan used in the latest zero-day attack against Microsoft Office contains characteristics that pinpoint corporate espionage as the main motive, according to virus hunters tracking the threat,” Ryan Naraine reports for eWeek.

Naraine reports, “According to an alert from Symantec, a backdoor called Trojan.Riler.F is installing itself as a layered service provider, or LSP, allowing it access to every piece of data entering and leaving the infected computer.”

“Alfred Huger, senior director of engineering at Symantec, said the dirty PowerPoint file infects the machine with a piece of malware called Trojan.PPDropper.C which in turn drops two separate backdoors that give the attack unauthorized access to the compromised computer,” Naraine reports. “Symantec’s Huger said the sophisticated nature of the attacks suggest it is the work or well-organized criminals associated with industrial espionage… The F-Secure anti-virus team found backdoors connecting to China-hosted domains in March 2005, September 2005, March 2006, April 2006, May 2006 and July 2006.”

“Microsoft plans to issue a patch on August 8 for users of Microsoft PowerPoint 2000, Microsoft PowerPoint 2002 and Microsoft PowerPoint 2003,” Naraine reports. “In the meantime, anti-virus experts are urging Microsoft Office users to be on the lookout for suspicious attachments, even those that appear to come from colleagues internally.”

Full article here.

By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious.click for more info.

[UPDATE: 12:45pm EDT: Changed headline from “Macintosh” to “Mac OS X.” Those who run Windows on their Macs are at risk, of course. That’s the fun of Windows. As Apple says on their Boot Camp page, “Windows running on a Mac is like Windows running on a PC. That means it’ll be subject to the same attacks that plague the Windows world. So be sure to keep it updated with the latest Microsoft Windows security fixes.” Try using Keynote instead and you’ll probably get a standing ovation when you give your next presentation.]

Related MacDailyNews articles:
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Symantec sues Microsoft to halt Windows Vista development – May 19, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Computer columnist: anti-virus software purely optional for Apple Macs, not so for Windows – November 01, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005

New invisible rootkit hits Windows including Vista – July 17, 2006
Microsoft demos Windows Vista on Apple MacBook Pro – July 01, 2006
What Microsoft has chopped from Windows Vista, and when – June 27, 2006
Windows Vista rips-off Mac OS X at great hardware cost (and Apple gains in the end) – June 13, 2006
CNET reporter: Apple Mac mini is my most ‘Vista Ready’ PC – May 24, 2006
Thurrott: Microsoft collapsing under its own weight, Gates has driven Windows Vista into the ground – April 20, 2006
Dude, you got a Dell? What are you, stupid? Only Apple Macs run both Mac OS X and Windows! – April 05, 2006
Why buy a Dell when Apple’s Intel-based computers will run both Mac OS X and Windows? – June 08, 2005
Windows users who try Apple’s Mac OS X Tiger might not want to go back – June 07, 2005


  1. i can’t wait for the next iWork update. this m$oft office virus news coupled with a significant iWork update can spell even larger gains for the Apple camp.

    MDN Word: waiting…as in i’m just waiting for people to get with the (mac) program(s)

  2. Saw “An Incovenient Truth” this week — the spouse had to mop up the drool whenever Al Gore was using his PowerBook to set up the Keynote presentation.

    If Apple comes out with a spreadsheet app, it’s goodbye Office for me… ” width=”19″ height=”19″ alt=”smile” style=”border:0;” />

  3. the sophisticated nature of the attacks suggest it is the work or well-organized criminals associated with industrial espionage

    Microsoft runs on PowerPoint (heh). I wonder how they’re staying secure, they gotta be a major espionage target.

    Then again MS trumpets hot new initiatives when they’re barely whiteboarded, so there probably aren’t many secrets waiting to be had.

  4. Classic.

    Now even PowerPoint, POWERPOINT, can hose your computer.

    Come on Apple. The time is now to release the MSOffice killer so we can finally dump MSOffice.

    I understand MSOffice is key to the Mac platiform. Just give us a choice.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.