[SANS ISC] Example of ‘MouseOver’ Link in a Powerpoint File

I published the following diary on isc.sans.org: “Example of ‘MouseOver’ Link in a Powerpoint File“:

I really like Microsoft Office documents…Â They offer so many features that can be (ab)used to make them virtual bombs. Yesterday, I found a simple one but nicely prepared Powerpoint presentation: Payment_copy.ppsx (SHA256:7d6f3eb45c03a8c2fca4685e9f2d4e05c5fc564c3c81926a5305b6fa6808ac3f). It was still unknown on VT yesterday butÂ itÂ reached now a score of 1/61!. It was delivered to one of my catch-all mailboxes and contained just one slide….Â [Read more]

4 comments

Pingback: [SANS ISC] Example of ‘MouseOver’ Link in a Powerpoint File | Atlantic Tagmata AI Security Feed
Pingback: [SANS ISC] Example of â€˜MouseOverâ€™ Link in a Powerpoint File – Insuring Your Futureâ€¦ Today.
Xavier says:

December 19, 2017 at 20:13

Hi Torben,
Of course, a properly configured Office environment won’t execute the code behind the link…
Torben Nielsen says:

December 19, 2017 at 16:34

Hi Xavier

Am I wrong or should you still have the user to click on the â€œenableâ€ or â€œEnable All (not Recommended)â€œ button on the â€œMicrosoft Powerpoint Security Notice warning” that is coming up for this to work – or is there an trick to disguise this?

/Torben

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Leave a Reply