Ppdropper.A is a Trojan that exploits a vulnerability in certain versions of Power Point, which allows hackers to gain remote control of the affected computer with the same privileges as the logged on user.
This way, the computer becomes an entry point to other malware, such as the backdoor Bifrose.QN.
Several proofs of concept that exploit this vulnerability in Power Point have been made available. Additionally, code that actively exploits this vulnerability in Power Point has been found.
The vulnerability can be exploited by enticing users into opening a specially crafted Power Point slideshow that contains malicious code. This document can be distributed using several methods, such as email, websites, network shares, etc.
Affected versions are:
- Office 2003 Service Pack 1 and Service Pack 2: Power Point 2003.
- Office XP Service Pack 3: Power Point 2002.
- Office 2000 Service Pack 3: Power Point 2000.
- Office v. X for Mac: Power Point 2004 v. X for Mac.
- Office 2004 for Mac: Power Point 2004 for Mac.
If you have any of the versions mentioned above, it is recommendable to download and apply the security patch referred to the vulnerabilities in Microsoft Office, which are included in the security bulletin MS06-048. for this vulnerability. Access the web page for downloading the patch.