Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Microsoft Excel Vulnerability


  • Please log in to reply
2 replies to this topic

#1 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:05:15 PM

Posted 17 June 2006 - 11:57 AM

US-CERT advises today (5/16/06) that there is an unpatched Excel vulnerability that could allow a hacker to gain access to and control of a computer..."by convincing a user to open a specially crafted Excel document. The Excel document could be included as an email attachment or hosted on a web site. It may also be possible to exploit the vulnerability using Excel documents embedded in other Office documents."

Until a patch is released, the agency recommends extreme caution in opening "...unfamiliar or unexpected Excel or other Office documents, including those received as email attachments or hosted on a web site."

Regards,
John


http://www.us-cert.gov/cas/alerts/SA06-167A.html

To subscribe to the alert mailing list (which I strongly recommend):
http://www.us-cert.gov/cas/

Further information is provided at CNET news:

http://news.com.com/New+Excel+zero-day+fla..._3-6084738.html

Edited by jgweed, 18 June 2006 - 11:15 AM.

Whereof one cannot speak, thereof one should be silent.

BC AdBot (Login to Remove)

 


#2 Daisuke

Daisuke

    Cleaner on Duty


  • Members
  • 5,575 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Romania
  • Local time:05:15 PM

Posted 20 June 2006 - 01:09 PM

And another 0-day vulnerability in Excel

Microsoft Office Long Link Buffer Overflow Vulnerability
Secunia: Highly critical
Solution Status: Unpatched

Workaround for the first 0-day vulnerability:
Microsoft Security Advisory (921365) (Vulnerability in Excel Could Allow Remote Code Execution)
Everyday is virus day. Do you know where your recovery CDs are ?
Did you create them yet ?

Posted Image

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:15 PM

Posted 26 June 2006 - 07:54 AM

Excel Issue Scorecard
Published: 2006-06-25,
Last Updated: 2006-06-25 01:00:02 UTC by Kevin Liston (Version: 2(click to highlight changes))

To help clearly identify the issues, exploit code and remedy related to the recently announce Excel vulnerabilities, I offer this humble correlation. This information comes from Microsoft, Mitre, and vigilant readers sending in tips...

Handler's Diary June 25th 2006
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users