The Channel logo

News

By | Lucy Sherriff 19th June 2006 10:06

Unwanted exposure for new Excel flaw

MS says 'be careful'

A new vulnerability in Microsoft's Excel has been exposed and exploited in a targeted attack, according to reports. Microsoft's security blog says at least one customer has been affected.

The software giant says for the exploit to work a user must open a malicious Excel document, and reminds its customers to "be very careful opening unsolicited attachments from both known and unknown sources".

The timing of the attack - just days after Microsoft's monthly "patch Tuesday" is thought to be more than mere coincidence. Scott Carpenter, director of Security Labs at Secure Elements told CNet that in recent similar attacks, the software giant has not issued an "out of cycle patch", and suggests the attackers wanted to "take advantage of a full month before Microsoft is scheduled to patch it".

Meanwhile, Symantec warns that attackers are actively exploiting the vulnerability. It says malicious files (called "okN.xls") have been found containing the Trojans Mdropper.J and Booli.A, which can download other files to an infected PC. The company warns that an attacker can take full control of a PC using the vulnerability.

Microsoft says its Windows Live Safety Centre now has detection capabilities for "up-to-date removal of malicious software that attempts to exploit the vulnerability". However, it has said nothing about when it plans to issue a fix. ®

alert Send corrections

Opinion

Privacy image

Frank Jennings

Two working parties, ministers galore... but data transfer law remains in limbo
EMC_Unity_bezel

Chris Evans

It does simplify the hardware setup, whatever it is
A microscopic view of the biometric shark skin. Pic: James Weaver

Chris Mellor

Do something and stop faffing about in the bush league

Kat Hall

International system in general needs greater transparency

Features

Nerd fail photo via Shutterstock
Shouting match
Single market vs. rest of the world
hacker
Mostly it's financial crime. Here's what all the cool kids' terms mean in English
Apple logo. Pic: Blake Patterson
Plenty of bumps in the 40-year road for Mac makers