[原文]PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in browsers such as Internet Explorer.
Microsoft Internet Explorer contains a flaw that allows an attacker to execute commands via malicious HTML documents. The flaw is exploited by crafting custom Powerpoint Text that is triggered when a user mouses over the link. No warning or dialog is given before launching the hostile executable.
Currently, there are no known workarounds or upgrades to correct this issue. However, Microsoft has released a patch to address this vulnerability.