In order to exploit this vulnerability, the attacker must convince a user to view a malicious PowerPoint document. The attacker may deliver a document to the user as an e-mail attachment, using social engineering techniques.
On systems where users hold elevated privileges, the attacker could execute code resulting in a complete compromise. However, if the user runs applications with limited privileges, any code execution as the result of an exploit would occur in a restricted security context, limiting the overall impact.
The Cisco Applied Intelligence team has created an Applied Mitigation Bulletin to address vulnerabilities that Microsoft disclosed in the February 2010 security bulletin release. This Cisco bulletin, which assists administrators in identifying or mitigating these vulnerabilities using Cisco devices, is available at the following link: Cisco Applied Mitigation Bulletin: Microsoft Security Bulletin Release for February 2010