Article

Microsoft warns of Excel zero-day flaw

Bill Brenner

Attackers are actively exploiting a zero-day flaw in Microsoft Excel to infect and hijack targeted machines, the software giant warned in an advisory yesterday. The only defense at this point is to avoid opening Excel files from untrusted sources.

Microsoft Excel is used in many banking and financial firms and is the most popular spreadsheet application used by businesses for many bookkeeping tasks.

Microsoft Security Response Center spokesman Tim Rains said in an email Tuesday that the vulnerability affects Microsoft Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac. Customers who are using Microsoft Office Excel 2007, Microsoft Excel 2008 for Mac or have installed Microsoft Office Excel 2003 Service Pack 3 are not affected, he said.

    Requires Free Membership to View

Microsoft Security Advisory (947563) acknowledges "limited attacks" against the vulnerability. Microsoft said that once its investigation is completed it may release a patch either through its monthly security update or as an out-of-cycle release.

"Microsoft continues to encourage customers to follow the guidance of enabling a firewall, applying all software updates and installing antivirus and antispyware software," the software giant said in the advisory.

In addition to not opening untrusted Excel files, Microsoft recommended Excel 2003 customers consider using the Microsoft Office Isolated Conversion Environment (MOICE) or Microsoft Office File Block policy. MOICE is designed to convert Office 2003 files to the new Office 2007 Open XML format with the goal of squeezing malicious exploits from the file. It creates a "sandbox" with a restricted tolken where documents are scrubbed for malware. Once the malware is ejected, the file can be opened as it normally is in Office 2003.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: