Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Microsoft Office Multiple PowerPoint Vulnerabilities

(MS09-017)
Microsoft has published a security bulletin addressing multiple vulnerabilities identified in Microsoft Office PowerPoint. Most of these vulnerabilities are rated ‘Critical’.

All the vulnerabilities allow remote code execution if a user opens a maliciously-crafted PowerPoint file. These vulnerabilities involve the following file types:

PowerPoint 2007

CVE-2009-0221 (CPAI-2009-112), CVE-2009-0224 (CPAI-2009-114), CVE-2009-1130 (CPAI-2009-116), CVE-2009-1131 (CPAI-2009-106)

PowerPoint 4.0

CVE-2009-0220 (CPAI-2009-122 ), CVE-2009-0222 (CPAI-2009-124), CVE-2009-0223 (CPAI-2009-120), CVE-2009-0226 (CPAI-2009-118), CVE-2009-0227 (CPAI-2009-104 ), CVE-2009-1137 (CPAI-2009-126 )

PowerPoint 95

CVE-2009-0225 (CPAI-2009-102), CVE-2009-1128 (CPAI-2009-108 ), CVE-2009-1129 (CPAI-2009-110) 

Check Point’s integrated IPS solutions, through their detailed parsing of PowerPoint formats, provide protections for these vulnerabilities. These defenses cover various attack vectors that can be used for exploiting the vulnerabilities. With Check Point’s dynamic management, administrators can easily activate these new protections, which are all immediately available for IPS Software Blade customers. SmartDefense customers also have access to some of these protections through SmartDefense Services.