The latest security flaw to strike Microsoft's products is an exploit that would allow unscrupulous users to run a macro in either PowerPoint or Excel 2000 or 2002 despite Microsoft's macro defences.
Macros are small pieces of code in applications that automate certain tasks, such as finding and replacing text. In the past attackers have created malicious macros capable of deleting or changing files or moving them to different locations. Microsoft has countered that threat by introducing a feature that warns users before executing any macro.
This vulnerability, however, allows attackers to skirt this protection and to create a macro that will launch without needing user intervention.
The vulnerability was first brought to Microsoft's notice by anti-virus firm Symantec two months ago and Microsoft has released patches which should be applied as soon as possible.
The exploit only works on the latest versions of PowerPoint or Excel, the 2000 or 2002 editions, and also work on the Apple Macintosh platform running these applications.