SANS ISC

[SANS ISC] Example of ‘MouseOver’ Link in a Powerpoint File

I published the following diary on isc.sans.org: “Example of ‘MouseOver’ Link in a Powerpoint File“:

I really like Microsoft Office documents… They offer so many features that can be (ab)used to make them virtual bombs. Yesterday, I found a simple one but nicely prepared Powerpoint presentation: Payment_copy.ppsx (SHA256:7d6f3eb45c03a8c2fca4685e9f2d4e05c5fc564c3c81926a5305b6fa6808ac3f). It was still unknown on VT yesterday but it reached now a score of 1/61!. It was delivered to one of my catch-all mailboxes and contained just one slide…. [Read more]

 

3 comments

  1. Hi Xavier

    Am I wrong or should you still have the user to click on the “enable” or “Enable All (not Recommended)“ button on the “Microsoft Powerpoint Security Notice warning” that is coming up for this to work – or is there an trick to disguise this?

    /Torben

Leave a Reply

Your email address will not be published. Required fields are marked *