Microsoft said Thursday it expects to release a single patch next week -- this one to repair a zero-day vulnerability in PowerPoint
that is being leveraged in ongoing, targeted attacks.
The single fix, down from eight security bulletins released
last month by the software giant, impacts a critical PowerPoint vulnerability present in Office 2000, 2003, XP and 2007, according to an advance notification
Days before its April security update, Microsoft researchers disclosed
that a number of varying exploits were attempting to take advantage of the vulnerability.
The malware ploy works by attempting to trick users into opening a malicious PowerPoint slideshow, the researchers said. If they do, a trojan is installed on their machine.
Originally, the bug wasn't believed to impact Office 2007, but in Thursday's notification, Microsoft said PowerPoint 2007 with Service Pack 1 and 2 are affected.