Microsoft warns of new Excel vulnerability

By on
Late yesterday, Microsoft confirmed in a security advisory that hackers are exploiting a vulnerability that lies within several versions of the Excel. The vulnerability appears to be a previously unknown zero-day, and a successful attack could allow malicious code to be executed on a victim’s computer.

According to the Microsoft advisory, affected versions of Excel include: Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac.

Microsoft downplayed the risk saying that the attacks appear to be targeted and not widespread. These types of attacks are usually delivered as attachments to emails, so it goes without saying that users should avoid opening unexpected email messages with attachments from unfamiliar sources. A fix is on the works, according to Microsoft, and it will be released either as part of its regular patch schedule or in an out-of-band release, “depending on customer impact.”

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.