Skip to main content
  1. Home
  2. Computing
  3. News

Just hovering over a link in PowerPoint can now infect your system with malware

By

researchers use ambient light sensor data to steal browser exhausted man computer problems desk hacking hackers malware frust
Shutterstock
Most often, you need to actually click on a link or run a program in order to get infected with a virus or other malware. Sometimes, however, black hat hackers figure out a way to infect a machine without the user doing anything at all.

That is the case with a new PowerPoint malware, which was discovered security company Trend Micro. This particular attack merely needs users to hover over a link with their mice in order to install a banking Trojan that has remote access, network traffic monitoring, information access, and other nefarious capabilities.

Recommended Videos

The Trojan is delivered to users in a spam email with a PowerPoint Show (PPS) or Open EML Slide Show (PPSX) file attached. These files are different from the usual PowerPoint files (PPT and PPTX) in that they can not be edited and they only open in presentation or slideshow modes.

Related

Malicious links are embedded in the PowerPoint slides that use the mouseover action to execute code that seeks to install the Trojan. For users with Protected View turned on in later versions of Microsoft Office, a security prompt pops up that the user must click through in order to enable the installation. As usual, users should never click “Enable” in such dialog boxes unless they are absolutely certain of what is actually going to run. Needless to say, clicking “Enable All” almost universally a bad idea.

Trend Micro
Trend Micro

On older versions of Office, however, or those without Protected View turned on, then the installation proceeds without any notice to the user or need for anything to be actively enabled. That makes this particular piece of malware particularly insidious and difficult to protect against. Note that Office 365’s web mode and PowerPoint Online are not affected by the attack.

The lesson here, first, is to make sure that Protected View is turned on in your Office applications. You can check on this by going to File, then Options, then Trust Center then click on the Trust Center Settings button. There, you want to select Protected View and make sure all of the options are checked. You can also look at your Macro settings while you are there and turn those off unless you’re sure you need them — Office Macros are another vector of attack.

Mark Coppock/Digital Trends
Mark Coppock/Digital Trends

It is bad enough that our machines can be infected by hackers who trick us into clicking on links and running programs. The fact that we can get infected without doing anything at all is even worse — and means we need to be even more vigilant in ensuring that all of the various security features for our software and hardware are turned on and properly updated.

Editors' Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Scores of people are downgrading back to Windows 10
The screen of the Galaxy Book4 Ultra.

Microsoft continues to struggle with the adoption of Windows 11 among its users. Recent data from Statcounter reveals a notable decline in the operating system’s market share, specifically compared with Windows 10.

After reaching an all-time high of 28.16% in February 2024, Windows 11 has experienced a drop, falling below the 26% mark.

Read more
The ASUS ROG Ally handheld gaming PC has a nice discount today
Starfield running on the Asus ROG Ally.

If you love the power of gaming PCs and the portability of the Nintendo Switch, you should think about getting a handheld gaming PC like the Asus ROG Ally. If you're interested, it's currently on sale from Walmart with an $87 discount that pulls its price down to $400 from $487. It's a pretty popular device so we expect this offer to attract a lot of attention, which means it's probably not going to last long. If you want to get this handheld gaming PC for this cheap, you should proceed with the transaction immediately.

Why you should buy the Asus ROG Ally handheld gaming PC
It's the version of the Asus ROG Ally with the AMD Ryzen Z1 Extreme that's listed in our roundup of the best handheld gaming PCs, but the Asus ROG Ally Z1 is still a worthwhile purchase because it gives you a gaming PC that you can bring with you wherever you go. Unlike a gaming laptop that's still pretty bulky with its large screen and keyboard, the Asus ROG Ally takes on the form of a portable gaming console like the Nintendo Switch, but with Windows 11 pre-installed as a familiar operating system to navigate and launch the best PC games.

Read more
The HP Victus gaming PC with RTX 3060 has a $550 discount
The HP Victus 15L gaming PC in white.

Gamers don't need to spend more than $1,000 if they want to buy a new gaming PC because there are affordable options like the HP Victus 15L gaming desktop. From its original price of $1,400, you can get it for just $850 as HP has applied a $550 discount on this machine. However, you shouldn't delay your purchase because there's no assurance that the gaming PC will still be 39% off tomorrow. If you want to make sure that you get it for less than $1,000, you're going to have to complete the transaction for it within the day.

Why you should buy the HP Victus 15L gaming desktop
You shouldn't expect the HP Victus 15L gaming desktop to match the performance of the top-of-the-line models of the best gaming PCs, but it's surprisingly powerful for its cost. Inside it are the 13th-generation Intel Core i7 processor and the Nvidia GeForce RTX 3060 graphics card, with 16GB of RAM that our guide on how much RAM do you need says is the best place to start for gaming. It's enough to play today's best PC games without any issues, and it may even be capable of running the upcoming PC games of the next few years if you're willing to dial down the settings for the more demanding titles.

Read more