Redmond has released a Fix It stopgap until a proper patch is available
On Tuesday, Microsoft issued an advisory warning of a new Zero-Day vulnerability that impacts all supported versions of their Windows operating system except, Windows Server 2003. The software giant also confirmed targeted attacks looking to exploit this flaw.
The advisory says that attackers are using PowerPoint files, which contain a malicious Object Linking and Embedding (OLE) object, to trigger the vulnerability. OLE technology is used to share data between applications.
"The vulnerability could allow remote code execution if a user opens a specially crafted Microsoft Office file that contains an OLE object. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user," the advisory explained.