Advertisement
Promo

Security threats Toolkit

Microsoft warns of Excel zero-day attacks

Tom Espiner ZDNet.co.uk

Published: 17 Jan 2008 14:40 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

Microsoft is warning of zero-day attacks against users of some older versions of Excel.

Versions of Microsoft Office Excel containing the zero-day vulnerability include Excel 2003 Service Pack 2, Excel Viewer 2003, Excel 2002, Excel 2000 and Excel 2004 for Mac.

The vulnerability is caused due to an unspecified error in the handling of Excel files, and can be exploited via a specially crafted Excel file with malformed header information, according to a Secunia advisory. Exploit code is publicly available, Secunia warned.

The attacks have so far been limited in scope, according to a Microsoft security advisory. In the advisory, Microsoft said it believes the risk to customers at this time to be "limited" as the attacks are targeted and the vulnerability has not been "publicly disclosed broadly".

Read this

PSCS3
Photos: Stepping inside Microsoft's war room

Painful past episodes led to the creation of the Security Response Center, where teams take on the task of hunting bugs and keeping customers informed

Read more +

However, no patch is currently available and Microsoft is advising customers who believe they have been attacked to contact their national law-enforcement agency. For example, US customers who believe they are victims of a cyberattack should contact the FBI. UK users have no such option as currently there is no centralised unit that the crime can be reported to. Law-enforcement professionals advise UK businesses to report suspected cybercrime to their local police.

Email-borne attacks on this vulnerability require the user to open an attachment to become infected. Infected websites must be visited by the user, which Microsoft claimed was a mitigating factor. One method for luring victims to infected websites is to persuade them to click on a link in an email or IM, said Microsoft.

Users running Microsoft Office Excel 2003 Service Pack 2 that have deployed Microsoft Office Isolated Conversion Environment (MOICE) are not affected by this vulnerability. MOICE can be used as a sandbox to test suspect files, but is primarily meant to be used to convert files from Office 2003 binary documents to the Office Open XML format used in Office 2007.

Miicrosoft claimed another mitigating factor is that Microsoft Office Excel 2003 Service Pack 3, Microsoft Office Excel 2007, Microsoft Office Excel 2007 Service Pack 1, and Microsoft Excel 2008 for Mac do not suffer from this vulnerability.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
9 out of 9 people found this useful


In association with Network Liberation Movement

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:







Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

DNA details of innocent will be kept f...

The government has announced that it plans to keep innocent people's DNA details for up to six years. In response to a consultation it launched last December, the government said... More

5 comments

Motorola Droid Drops Today: Happy Droi...

Motorola Droid Drops Today: Happy Droid Day America! Author: Eric Everson, Mobile Security Expert If you’re wondering what all of the buzz is about with words like Droid and Android... More

Post a comment

Mobile Security Profile: BlackBerry St...

Mobile Security Profile: BlackBerry Storm2 Author: Eric Everson BlackBerry handsets are a staple of office culture; from syncing calendars to sharing business-related data,... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters