Symantec Warning of PowerPoint hole

Jul 13, 2006

Days after Microsoft patched critical holes in Excel, it's got a new Office-related threat to deal with: a 0day PowerPoint exploit.

It was just Tuesday that Microsoft patched up a slew of holes in Office and Exchange. Now it looks like they’ve got another Office-related security problem on their hands: a previously unknown and unpatched (0day) vulnerability in the PowerPoint presentation software.

According to Symantec, researchers on the company’s DeepSight Threat Analyst Team have found examples of an attack using the PowerPoint 0day hole on the Internet.

The company doesn’t know if the exploit is widely circulating or if it’s just being used in targeted attacks, nor does it know the source of the vulnerability, Symantec said in an alert.

According to DeepSight, the exploit arrives as a Microsoft PowerPoint document attachment to an email message, sent from a Google email account and containing Chinese characters in the subject line. When a user launches the PowerPoint document, the vulnerability is triggered, dropping a Trojan horse program called PPDDropper.B, which in turn downloads and installs a backdoor program called Bifrose.B. That file actually overwrites the infected PowerPoint file with a clean file, in an attempt to fool scanning programs. That’s a technique, Symantec points out, used by whoever was behind a string of Excel-based 0day attacks in recent months.

Symantec is posting details of the PowerPoint vulnerability here.