[vesinisa]

> An attacker can exploit this vulnerability to execute arbitrary code but will need a specifically crafted file and use social engineering methods (observed in this campaign) to convince a user to open it

So, it's a remote exploit, but requires the user to open a document.

[viraptor]

Maybe I'm reading into details too much, but they never said "open". They said: "specifically when handling Microsoft PowerPoint files". Outlook allows previews of office files and "handling" may be involved even before the presentation is actually opened / previewed. It's just speculation though.

[userbinator]

It says "to convince a user to open it" in the description. If a preview was enough to execute, I'd think that is very important point and they'd definitely mention it - I remember distinctly "previews are sufficient" mentioned in the WMF exploit when it first came out.

[viraptor]

Thanks, I missed that bit!