It looks like Trend Micro has published some new spam attempts to get the users to open up the Maleware for them to deposit TROJ_PPDROP.AB onto there systems.
Trend Micro has some screen shots of the most common Fake Presentations for you to see just how they try to get you to open the file.
Although these are some common tactics forÂ attackers to use such asÂ nude pictures, Earth Hour, or Celebrities without Makeup,Â users who donâ€™t normally use PPT should check the files out before you load them.Â You also should remember to save them to a file and scan them with your Anti-virus software, also it wouldnâ€™t hurt to have a firewall software.Â It looks like these exploits tries to connect to the internet and you might be able to find out by the request from the firewall.
According to Internet Storm Center, the CVE place Holder for this is CVE-2009-0556 and hasnâ€™t become live yet. I do not think they will release that information until they get a chance for Microsoft to patch the systems.
This would be a good time to remind IT staff and anyone who might use Power Point that they should not open anything they arenâ€™t expecting and even then they should verify with your IT staff that it is safe until Microsoft issues a patch for this. I expect that if this become widely used it will be released out of Cycle or even In Mayâ€™s Patch Tuesday. According to Microsoft you could install Microsoft Office Isolated Conversion Environment (MOICE) but requires Office 2003 and Office 2007 systems. Find out how you can use this work around at Microsoftâ€™s Advisory of KB969136 for further instructions.