Zscaler, working with Microsoft through their MAPPs program, has proactively deployed protections for two web based, client side vulnerabilities included in the May 2011 Microsoft patch cycle. Zscaler will continue to monitor exploits associated with this release and deploy additional protections as necessary.
MS11-036 – Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2545814)
CVE-2011-1269 Presentation Memory Corruption RCE Vulnerability
Description: A vulnerability exists when Microsoft PowerPoint does not properly handle memory during function calls while parsing a specially crafted PowerPoint file.
CVE-2011-1270 Presentation Buffer Overrun RCE Vulnerability
Description: A vulnerability exists when Microsoft PowerPoint encounters a memory handling error while parsing a specially crafted PowerPoint file.