Microsoft advised PowerPoint users this week to avoid Office files from untrusted sources – and unexpected files from trusted sources – as a workaround for the recently discovered flaw in PowerPoint now being exploited in targeted attacks.
Microsoft researchers ware finalizing an update that could be released as part of the Aug. 8 Patch Tuesday, according to a new security advisory released this week.
The Redmond, Wash., company was investigating new reports of limited zero-day attacks using the flaw, according to a company spokesman.
On Monday, Stephen Toulouse, security program manager, said the company's researchers were working "on a state of high alert" since targeted attacks on Office flaws began appearing in recent months.
The PowerPoint exploit, like an exploit for Excel used a month before, was first seen in the days following Patch Tuesday, when Microsoft released seven new fixes for security flaws in its products.