A bug in Microsoft’s PowerPoint presentation maker that security researchers thought was brand new is not, Microsoft now says.
Earlier this week, several security vendors reported that PowerPoint, which was struck by exploits in July that leveraged an unpatched bug, contained another “zero-day” vulnerability which could be used in attacks against PCs. (One of the 12 security bulletins released Aug. 8 fixed the flaw that led to the July attacks.)
Nope, Microsoft said Wednesday in an entry on the company’s security research center (MSRC) blog.
“This is NOT a zero day,” wrote a member of the MSRC operations team identified only as “Scott.” “Malware in the malicious .ppt leverages a previously fixed vulnerability in Microsoft Office to drop the payload,” he added.