The Microsoft security advisory on this flaw had this to say:
In order for this attack to be carried out, a user must first open a malicious PowerPoint file attached to an e-mail or otherwise provided to them by an attacker.
As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources.
Graham Cluley, senior technology consultant at Sophos, said it had been a "bad few weeks" for Microsoft, what with the recent major problem with the Vector Markup Language (VML) in Internet Explorer, and now this. Sophos is warning users to be extra careful when opening unsolicited files.