Attackers Are Using Microsoft Powerpoint To Install Malware And Enable Remote Code Execution
Recently, however, there’s been a shift from the use to Rich Text File attachments to Microsoft’s own PowerPoint format. According to the firm, a phishing email is sent to users, often spoofing an invoice, and has a .ppsx file linked. Downloading and opening the presentation reveals a slide with the text CVE-2017-8570, an older Office exploit that isn’t actually used in the attack. Instead, it exploits CVE-2017-0199, which is used to start the infection process via PowerPoint animations....