Skip to main content
  1. Home
  2. Computing
  3. News

Just hovering over a link in PowerPoint can now infect your system with malware

Mark Coppock
By

researchers use ambient light sensor data to steal browser exhausted man computer problems desk hacking hackers malware frust
Shutterstock
Most often, you need to actually click on a link or run a program in order to get infected with a virus or other malware. Sometimes, however, black hat hackers figure out a way to infect a machine without the user doing anything at all.

That is the case with a new PowerPoint malware, which was discovered security company Trend Micro. This particular attack merely needs users to hover over a link with their mice in order to install a banking Trojan that has remote access, network traffic monitoring, information access, and other nefarious capabilities.

Recommended Videos

The Trojan is delivered to users in a spam email with a PowerPoint Show (PPS) or Open EML Slide Show (PPSX) file attached. These files are different from the usual PowerPoint files (PPT and PPTX) in that they can not be edited and they only open in presentation or slideshow modes.

Related

Malicious links are embedded in the PowerPoint slides that use the mouseover action to execute code that seeks to install the Trojan. For users with Protected View turned on in later versions of Microsoft Office, a security prompt pops up that the user must click through in order to enable the installation. As usual, users should never click “Enable” in such dialog boxes unless they are absolutely certain of what is actually going to run. Needless to say, clicking “Enable All” almost universally a bad idea.

Trend Micro
Trend Micro

On older versions of Office, however, or those without Protected View turned on, then the installation proceeds without any notice to the user or need for anything to be actively enabled. That makes this particular piece of malware particularly insidious and difficult to protect against. Note that Office 365’s web mode and PowerPoint Online are not affected by the attack.

The lesson here, first, is to make sure that Protected View is turned on in your Office applications. You can check on this by going to File, then Options, then Trust Center then click on the Trust Center Settings button. There, you want to select Protected View and make sure all of the options are checked. You can also look at your Macro settings while you are there and turn those off unless you’re sure you need them — Office Macros are another vector of attack.

Mark Coppock/Digital Trends
Mark Coppock/Digital Trends

It is bad enough that our machines can be infected by hackers who trick us into clicking on links and running programs. The fact that we can get infected without doing anything at all is even worse — and means we need to be even more vigilant in ensuring that all of the various security features for our software and hardware are turned on and properly updated.

Editors' Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
4 CPUs you should buy instead of the Ryzen 7 7800X3D
AMD Ryzen 7 7800X3D sitting on a motherboard.

The Ryzen 7 7800X3D is one of the best gaming processors you can buy, and it's easy to see why. It's easily the fastest gaming CPU on the market, it's reasonably priced, and it's available on a platform that AMD says it will support for several years. But it's not the right chip for everyone.

Although the Ryzen 7 7800X3D ticks all the right boxes, there are several alternatives available. Some are cheaper while still offering great performance, while others are more powerful in applications outside of gaming. The Ryzen 7 7800X3D is a great CPU, but if you want to do a little more shopping, these are the other processors you should consider.
AMD Ryzen 7 5800X3D

Read more
Even the new mid-tier Snapdragon X Plus beats Apple’s M3
A photo of the Snapdragon X Plus CPU in the die

You might have already heard of the Snapdragon X Elite, the upcoming chips from Qualcomm that everyone's excited about. They're not out yet, but Qualcomm is already announcing another configuration to live alongside it: the Snapdragon X Plus.

The Snapdragon X Plus is pretty similar to the flagship Snapdragon X Elite in terms of everyday performance but, as a new chip tier, aims to bring AI capabilities to a wider portfolio of ARM-powered laptops. To be clear, though, this one is a step down from the flagship Snapdragon X Elite, in the same way that an Intel Core Ultra 7 is a step down from Core Ultra 9.

Read more
Gigabyte just confirmed AMD’s Ryzen 9000 CPUs
Pads on the AMD Ryzen 7 7800X3D.

Gigabyte spoiled AMD's surprise a bit by confirming the company's next-gen CPUs. In a press release announcing a new BIOS for X670, B650, and A620 motherboards, Gigabyte not only confirmed that support has been added for next-gen AMD CPUs, but specifically referred to them as "AMD Ryzen 9000 series processors."

We've already seen MSI and Asus add support for next-gen AMD CPUs through BIOS updates, but neither of them called the CPUs Ryzen 9000. They didn't put out a dedicated press release for the updates, either. It should go without saying, but we don't often see a press release for new BIOS versions, suggesting Gigabyte wanted to make a splash with its support.

Read more