[Cakez0r]

I think another (real) windows zero day will be announced soon. I received an email from Rackspace giving advanced notice that they will be patching all Windows servers to fix a 0day. I'm not sure why they'd take such measures for an exploit involving opening powerpoint files...

Content of the email, for those interested: http://pastebin.com/AZBcQ2DF

[sauere]

Pretty sure this is about this CVE.

[Cakez0r]

But I expect most servers don't have any software on them related to opening emails or Office files. I would've thought that Rackspace reserves mandatory server hotfixes for only the most serious vulnerabilities (E.G. shellshock).

[Anderkent]

While ppt's are the vector in the wild it seems the core vulnerability is in packager.dll, so possibly other ways of abusing it exist.

[viraptor]

Why not? Automated document processing, hosted desktop, and a few other ideas come to mind where the server would be affected.