Forum Thread: insecure program MS office powerpoint viewer 2007

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
pdavis550@comcast.net insecure program MS office powerpoint viewer 2007
Member 29th May, 2010 17:04
Ranking: 0
Posts: 1
User Since: 10th Apr, 2010
System Score: N/A
Location: N/A
I have installed and am up to date with Microsoft windows updates and have tried to update the program myself thru Microsoft to no avail. So I set up the "ignore paths and directories" rule because the program is installed under C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\OFFICE12\PPTVIEW.EXE and according to the known issues under PSI, it may be best to have PSI ignore the program. But even after all of these actions, I'm still getting an insecure notification after several new scans.

Is there any other way to fix this issue or should I just ignore it?

Thanks for your help

pdavis

gjjean RE: insecure program MS office powerpoint viewer 2007
Contributor 29th May, 2010 18:01
Score: 192
Posts: 197
User Since: 9th Apr 2010
System Score: N/A
Location: LB


--
HP pavilion DV6
Win 7 64bit - SP1
IE10 + MSSE4.3.215
Was this reply relevant?
+2
-0
Maurice Joyce RE: insecure program MS office powerpoint viewer 2007
Handling Contributor 29th May, 2010 18:24
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@pdavis,
Using MS Update will not solve the problem because the scanner cannot see the embedded file within Office. I would delete any ignore rules U have created & use this guidance which will clear the vulnerability.


POWER POINT VIEWER EMBEDDED IN MICROSOFT OFFICE 2007
================================================== =

The only reason the Office suite has the PPTVIEW file embedded is to facilitate the option to use it when the PUBLISH & PACKAGE TO CD command is evoked.

Office Suite users have 2 options:
1. Rename the insecure file - details are at 1. below. This will remove the insecurity.

2. If U are a regular user of the PUBLISH & PACKAGE TO CD command carry out a self help work around.

WORK AROUND.
I apologise for the length of the work around. Hopefully it will result in the most novice user being able to update their expensive Office Suite to full unlimited functionality.

1.Click START>select RUN>copy & paste this into the box (if using Vista or Windows 7 type it in the search box) - C:\Program Files\Microsoft Office\Office12 - now click OK.
2. From the window that opens scroll down & look for a file called PPTVIEW.EXE - Right click on it & RENAME it PPTVIEW.EXE_OLD
3. Close all open windows.

The insecurity reported by PSI has been removed.
================================================

INSTALLING THE UPDATED FILE.(ONLY REQUIRED IF U USE THE PUBLISH & PACKAGE TO CD COMMAND)

1.Download this file and SAVE to DESKTOP - http://www.microsoft.com/downloads/details.aspx?fa...
2.For best results you need to download & install this programme: http://www.filehippo.com/download_7-zip/
3. Once 7Zip is installed right click on the Microsoft downloaded file on the desktop>scroll down to 7Zip and select OPEN ARCHIVE
4. A window will open - Look for this file (0) 1013280 right click on it>scroll down to 7Zip and select OPEN INSIDE - now look for a file pptview.msp - scroll down to 7Zip and select OPEN INSIDE - now look for a file PATCH_CAB near the bottom of the page.
6. Right click on PATCH_CAB>scroll down to 7Zip and select OPEN - a separate window will open showing the file PPTVIEW_0001 - this is the file U want to patch your Office set up.
7. Right click on file PPTVIEW_0001 - select COPY TO - a box will appear - copy & paste this into the "Copy To" box - C:\Program Files\Microsoft Office\Office12\ then click OK (Nothing appears to happen but keep the faith)
8. Close all open windows.

COMPLETING THE UPDATE.

1.Click START>select RUN>copy & paste this into the box (if using Vista or Windows 7 type it in the search box) - C:\Program Files\Microsoft Office\Office12
2.Scroll & look for 2 files:
PPTVIEW.EXE_0001
PPTVIEW.EXE_OLD
3.Right Click on the PPTVIEW.EXE_0001 file>select RENAME & rename it PPTVIEW.EXE (The icon will change to reflect it is a Microsoft active file)
4.Right Click on PPTVIEW.EXE_OLD and select DELETE.

Your Microsoft Office 2007 is now secure & fully functional.

U can now remove the Microsoft downloaded file from the desktop & uninstall 7Zip via Add/Remove if no longer required.

Version 4


This solution was produced by @Spectralkinesis - it achieves the same result as my post above.

I came up with a simple fix for this problem - just install the application.

THE PROBLEM: Secunia was reporting PPTVIEW.EXE as insecure. It was mind boggling, as I had never installed Powerpoint Viewer 2007 - only the full version of Office 2007 Professional.

The problem here is that Powerpoint Viewer 2007 is not actually installed on the local machine. Therefore Microsoft Update can't detect any available patches for PPTVIEW.EXE since it isn't installed, with all of the necessary registry entries and extra files to be patched up.

The reason the Office suite has the PPTVIEW.EXE included in the %Program Files%\Microsoft Office\Office12\ directory is so PPTVIEW.EXE can be embedded when the PUBLISH & PACKAGE TO CD command is invoked.

THE FIX:

1.) Download Microsoft Office PowerPoint Viewer 2007: http://www.microsoft.com/downloads/details.aspx?Fa...

2.) Install Microsoft Office PowerPoint Viewer 2007.

3.) Run Windows Update - the first time I ran it there were 4 Security updates to be installed.

3.) Run Windows Update again - there were an additional 4 Security updates to be installed.

4.) Rerun Secunia - the application may now be detected as the latest version.

The first time I did this, Secunia did not detect PPTVIEW.EXE as the latest version, even when I manually verified the pptview.exe version myself. The version number shows 12.0.6502.5000, but Secunia wasn't that quick on the uptake.

What I did to fix this:

1.) Rename PPTVIEW.EXE to PPTVIEW.EXE.BAK.

2.) Secunia detected the filename change and reported the application as uninstalled.

3.) Rename PPTVIEW.EXE.BAK to PPTVIEW.EXE

4.) Secunia then detected the presence of PPTVIEW.EXE and picked up the new, latest and greatest, not insecure version number.

Download & Install Microsoft Office PowerPoint Viewer 2007
Run Windows Update until there are no more updates to install.
Maybe you'll have to rename the offending .exe twice.
...

If this post has solved your problem could you please select the ACCEPT option. This will lock the thread and stop you & I from receiving unnecessary update emails.










--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0

This thread has been marked as locked.