New zero-day attack targets Microsoft Excel

By Edmond X. DeJesus, Contributor 05 Feb 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

In a bulletin on its site, Microsoft said it is investigating what it calls "very limited" reports from the field of a specially crafted Microsoft Excel file that exploits a vulnerability in certain versions of Microsoft Office, including: Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac; Microsoft Office 2007, and Microsoft Works 2004, 2005 and 2006 are not affected.

Opening the Excel file, either as an attachment to an email or as a link on a Web site, may corrupt system memory in a way that an attacker could exploit to execute arbitrary code. The attacker could gain the same user rights as the local user. While the Excel file is the only known vector at this time, other similar files for other applications may also exploit this vulnerability.

Saturday the Bethesda, Md.-based SANS Internet Storm Center (ISC) said the malware, known as Exploit-MSExcel.h, is currently only targeting Excel, but "other Office applications are potentially vulnerable."

The French Security Incident Response Team (FrSirt) has deemed the issue critical, and vulnerability clearinghouse Secunia has labeled it highly critical, the organizations' highest respective levels of severity.

Microsoft is in the process of developing an update for Office that addresses this vulnerability, though an update to its Windows Live OneCare safety scanner removes malicious software that attempts to exploit this vulnerability. In the meantime, Microsoft advises users to exercise extreme caution when opening or saving unsolicited attachments or links on Web sites.

Tags: Securing Productivity Applications,  Malware, Viruses, Trojans and Spyware,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Securing Productivity Applications How to detect software tampering Adobe fixes 29 flaws in Acrobat, Reader Adobe warns of critical update for Reader, Acrobat 9.1.3 Why should we place data files on a separate partition than the OS? Adobe updates ColdFusion, JRun, Flex Serious Adobe Flash flaw being exploited Adobe acknowledges serious Flash zero-day vulnerability Adobe issues security advisory for Flash zero-day flaw When to use the service features of the Metasploit hacking tool How to manage patches for Adobe Malware, Viruses, Trojans and Spyware iPhone worm Rickrolls jailbroken phones Israeli Mossad add Trojan Horse to Syrian laptop Schneier-Ranum Face-Off: Is antivirus dead? Modern malware, stealthy botnets, adapt quickly, expert says Computer worm infections up, scareware antivirus down, Microsoft says Web-based attacks skyrocket, pirating sites surge, security firms say Mini guide: How to remove and prevent Trojans, malware and spyware Kaspersky system analyzes malicious URLs on Twitter for malware Silon malware intercepts Internet Explorer sessions, steals credentials Breach forces payroll service provider PayChoice to shut down again

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary sheepdip  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary