Microsoft patches PowerPoint but Mac users left out
If you use PowerPoint for Windows, this month’s Microsoft security update has important patches to fix a critical vulnerability. If you use the Mac edition of PowerPoint … good luck.
In an unusual step, Microsoft is not patching the program for both operating systems at the same time. There’s a simple explanation, albeit one that won’t be popular with all users: the Windows patch is ready, the Mac one isn’t, and Microsoft isn’t going to delay the Windows patch just to keep everyone happy.
The firm also argues that while the vulnerability affects both systems, all evidence of attacks which are already happening involve Windows. Of course, the problem there is that the update does a pretty good job of tipping off hackers that Mac users of PowerPoint are worth a look right now, assuming they consider that a big enough audience to bother with.
Security firms have claimed it would be easy for hackers to figure out a viable Mac attack technique from the Windows patch, but Microsoft insists this is not the case. There have also been some complaints that Microsoft normally tries to block security researchers from publicizing any vulnerability until a patch is available (a ‘responsible disclosure’ policy), but is doing just that itself.
As well as addressing the current problem (your standard ‘open infected file, hacker gets control of your computer’ issue), the Windows fix removes all support for PowerPoint 4 files. That edition has been outdated since the mid-90s, but subsequent editions continued to offer file conversions. Microsoft has now concluded that the security risks accompanying such files outweigh the benefits of supporting it more than a decade later. The firm has issued a registry key for temporarily re-enabling file conversions for users who desperately need to open an old file and are confident it isn’t infected.
Related Posts:
