Microsoft patches PowerPoint flaws
The PowerPoint fix is the one and only in this month’s Patch Tuesday, but a Mac and Works update is still to come.
Microsoft has released a security patch to fix a series of serious flaws in its PowerPoint software - but only in the Windows versions of its Office suite, leaving Mac users to wait for a second release.
While one aspect of the PowerPoint flaw was discovered and made public in early April, Microsoft said on its security site that there were "several privately reported vulnerabilities" as well. There are 14 PowerPoint flaws in total that Microsoft is fixing with the patch.
Because the flaws could allow for remote code execution, Microsoft's has called the patch "critical" - it's highest security rating. Microsoft has previously admitted that the public flaw has already been targeted by hackers.
Among other fixes, the patch removes the ability to convert PowerPoint 4 files, which have effectively been disused since Office 2003, Microsoft said.
The patch is only for Microsoft Office in Windows, however. Microsoft said it will release fixes for the Mac version of the suite as well as for Microsoft Works and the Open XML File Format Converter for Mac as soon as testing is finished.
"We normally do not update one supported platform before another but given this situation of a package available for an entire product line that protects the vast majority of customers at risk within the predictable release cycle, we made a decision to go early with the Windows packages," Jonathan Ness of the Microsoft Security Response Centre said in a blog post.
Unpatched systems can be protected with a workaround, Microsoft said, advising admins to temporarily disable affected file formats or force legacy PowerPoint files to open in an isolated environment.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
While the PowerPoint flaw is serious, the single update for this month will give IT admins less work than the eight released last month.