Article

New zero-day attack targets Microsoft Excel

Edmond X. DeJesus, Contributor
Microsoft has confirmed field reports of a zero-day vulnerability in several versions of Microsoft Office. Opening a specially crafted Excel file may permit an attacker to execute arbitrary code.

In a bulletin on its site,

    Requires Free Membership to View

Microsoft said it is investigating what it calls "very limited" reports from the field of a specially crafted Microsoft Excel file that exploits a vulnerability in certain versions of Microsoft Office, including: Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac; Microsoft Office 2007, and Microsoft Works 2004, 2005 and 2006 are not affected.

Opening the Excel file, either as an attachment to an email or as a link on a Web site, may corrupt system memory in a way that an attacker could exploit to execute arbitrary code. The attacker could gain the same user rights as the local user. While the Excel file is the only known vector at this time, other similar files for other applications may also exploit this vulnerability.

Saturday the Bethesda, Md.-based SANS Internet Storm Center (ISC) said the malware, known as Exploit-MSExcel.h, is currently only targeting Excel, but "other Office applications are potentially vulnerable."

The French Security Incident Response Team (FrSirt) has deemed the issue critical, and vulnerability clearinghouse Secunia has labeled it highly critical, the organizations' highest respective levels of severity.

Microsoft is in the process of developing an update for Office that addresses this vulnerability, though an update to its Windows Live OneCare safety scanner removes malicious software that attempts to exploit this vulnerability. In the meantime, Microsoft advises users to exercise extreme caution when opening or saving unsolicited attachments or links on Web sites.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: