Help - Search - Members - Calendar
Full Version: Microsoft Excel Vulnerability
BleepingComputer.com > Security > Breaking Virus & Security News
   
jgweed
Jun 17 2006, 11:57 AM
US-CERT advises today (5/16/06) that there is an unpatched Excel vulnerability that could allow a hacker to gain access to and control of a computer..."by convincing a user to open a specially crafted Excel document. The Excel document could be included as an email attachment or hosted on a web site. It may also be possible to exploit the vulnerability using Excel documents embedded in other Office documents."

Until a patch is released, the agency recommends extreme caution in opening "...unfamiliar or unexpected Excel or other Office documents, including those received as email attachments or hosted on a web site."

Regards,
John


http://www.us-cert.gov/cas/alerts/SA06-167A.html

To subscribe to the alert mailing list (which I strongly recommend):
http://www.us-cert.gov/cas/

Further information is provided at CNET news:

http://news.com.com/New+Excel+zero-day+fla..._3-6084738.html
Daisuke
Jun 20 2006, 01:09 PM
And another 0-day vulnerability in Excel

Microsoft Office Long Link Buffer Overflow Vulnerability
Secunia: Highly critical
Solution Status: Unpatched

Workaround for the first 0-day vulnerability:
Microsoft Security Advisory (921365) (Vulnerability in Excel Could Allow Remote Code Execution)
quietman7
Jun 26 2006, 07:54 AM
QUOTE
Excel Issue Scorecard
Published: 2006-06-25,
Last Updated: 2006-06-25 01:00:02 UTC by Kevin Liston (Version: 2(click to highlight changes))

To help clearly identify the issues, exploit code and remedy related to the recently announce Excel vulnerabilities, I offer this humble correlation. This information comes from Microsoft, Mitre, and vigilant readers sending in tips...

Handler's Diary June 25th 2006
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2008 Invision Power Services, Inc.