New zero-day attack targets Microsoft Excel

By Edmond X. DeJesus, Contributor 05 Feb 2007 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

In a bulletin on its site, Microsoft said it is investigating what it calls "very limited" reports from the field of a specially crafted Microsoft Excel file that exploits a vulnerability in certain versions of Microsoft Office, including: Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac; Microsoft Office 2007, and Microsoft Works 2004, 2005 and 2006 are not affected.

Opening the Excel file, either as an attachment to an email or as a link on a Web site, may corrupt system memory in a way that an attacker could exploit to execute arbitrary code. The attacker could gain the same user rights as the local user. While the Excel file is the only known vector at this time, other similar files for other applications may also exploit this vulnerability.

Saturday the Bethesda, Md.-based SANS Internet Storm Center (ISC) said the malware, known as Exploit-MSExcel.h, is currently only targeting Excel, but "other Office applications are potentially vulnerable."

The French Security Incident Response Team (FrSirt) has deemed the issue critical, and vulnerability clearinghouse Secunia has labeled it highly critical, the organizations' highest respective levels of severity.

Microsoft is in the process of developing an update for Office that addresses this vulnerability, though an update to its Windows Live OneCare safety scanner removes malicious software that attempts to exploit this vulnerability. In the meantime, Microsoft advises users to exercise extreme caution when opening or saving unsolicited attachments or links on Web sites.

Tags: Securing Productivity Applications,  Malware, Viruses, Trojans and Spyware,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Securing Productivity Applications Adobe ColdFusion websites being compromised Adobe fixes critical Shockwave Flash Player flaw Adobe issues first quarterly patch release fixing 13 flaws Adobe shifts to Microsoft patching process, incident response plan Balancing security and performance: Protecting layer 7 on the network Software Piracy pandemic needs government role, better vendor antipiracy plans McAfee to acquire Solidcore Systems for whitelisting Adobe issues Reader update fixing zero-day flaw Microsoft to patch critical PowerPoint zero-day flaw PCI DSS: Best practices for compliance Malware, Viruses, Trojans and Spyware How to get rid of malware, botnets on a hospital IT network Should a national cybersecurity strategy include offensive botnets? How to prevent mobile phone spying How can search results lead to malware? How to defend against rogue DHCP server malware New Trojan stealing FTP credentials, attacking FTP websites Cybercriminals exploit Michael Jackson, Farrah Fawcett deaths When BIOS updates become malware attacks Antispyware buying guide for Indian enterprises PCI compliance requirement 5: Antivirus

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary sheepdip  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary