« Home | Asus Aura N48 Communicator - The First Look » | Nokia E50 » | Sony Launches iPod » | Panasonic Unveils 10 Digicams » | The BlackBerry Pearl 8100 Launches » | What buying Vista Ultimate means to Microsoft » | True Lies About Free Satellite TV On PC » | SanDisk Sansa Wireless Internet MP3 Player » | Google’s Reaction to Vista Release » | XFX GeForce 7600GT Fatal1ty Out »

Microsoft Warns of Excel Flaw!

Text Link Ads

Reportedly, Microsoft is warning that cybercriminals are exploiting a new flaw in Excel that affects several versions of its Office software, including one for Macs.

In its security advisory issued last week, Microsoft warns people of a very limited zero-day attack that takes advantage of vulnerabilities in the Excel spreadsheet program. A zero-day attack is one that exposes software bugs before they have been patched.

This latest flaw affects Microsoft Office 2000, Office 2003, Office XP, and Office 2004 for computers running Apple's Mac OS.

According to reports, the vulnerability is caused due to an unspecified error when handling strings, and can be exploited to cause a memory corruption. And that successful exploitation allows execution of arbitrary code, resulting in a compromised user system.

The company further said that attackers are sending e-mails with malicious Excel attachments, and are hosting Web sites that have Office files, which attempt to take advantage of the security flaws. And once an attacker exploits the vulnerabilities, he/she can gain control of a user's system remotely.

In its security advisory, Microsoft explained that as a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. It has added detection to the Windows Live OneCare safety scanner for up-to-date removal of malicious software that attempts to exploit this vulnerability.

The company also pointed out that the vulnerabilities might extend beyond Excel. It said that while they are currently only aware that Excel is the current attack vector, other Microsoft Office applications are potentially vulnerable.

It is learnt that Microsoft would provide free tech support to customers who believe they are affected by the zero-day attacks, and there is no charge for support calls that are associated with security updates.

Meanwhile, Microsoft is asking users to avoid opening or saving Office files that come from distrusted or unknown sources, or files that are e-mailed unexpectedly from trusted sources. And the company is expected to patch this flaw as soon as its next set of security updates, which is due next Tuesday.

Labels: , , , ,

Posted by Aadi on 07 February 2007 at 10:45 AM |

Post a Comment

About me

  • I'm Aadi
  • From Mumbai, Maharashtra, India
  • I am a cool guy, a web-publisher trying to make some money from internet. Computer and internet - can't live without it. I love to help others, especially if work is related to computers and internet.
My profile

 Subscribe in a reader

http://www.text-link-ads.com/xml_blogger.php?inventory_key=2MOQ4THQBSD14FOAR7CJ&feed=1 http://www.text-link-ads.com/xml_blogger.php?inventory_key=2MOQ4THQBSD14FOAR7CJ&feed=2

Search


Previous posts

Archives

Blogroll

Subscribe To My Feed

Mybloglog.com Readers

Page Rank Tool