New Excel Attack Threatens Office

Dennis Faas's picture

The millions of office and home office users that take advantage of Microsoft's Excel should be very careful. Last week, the company warned the public of a "zero-day" attack that acts upon certain weaknesses in the program. As expected, it's based on an email attachment threat, although it appears to look legitimate enough to pose a serious threat.

While Microsoft's security advisory attempts to calm users by stating that the attack is "very limited", it's still got many businesses worried. According to reports, hackers are sending email packing malicious Excel attachments that are able to act upon critical vulnerabilities in the Office program.

All those with Microsoft Office 2000, Office 2003, as well as Office XP should be very careful of how they handle emails in the coming weeks. Even Mac users should be wary; there are reports that Office 2004 running within the Mac OS are also vulnerable. The Mac warning comes from outside Microsoft, instead being offered by security watchdog Secunia.

In addition to the attachments, hackers are hosting web sites with Excel files that can take advantage of these flaws. It's a multi-pronged attack on all business users. (Source: astalvista.com and zdnet.com)

This isn't the first time an Excel weakness has been taken advantage of by email hackers. A similar threat popped up in June of last year, with Symantec warning users that goons could possibly act upon an executable arbitrary code.

The June, 2006 threat was much like this most recent one. Microsoft acted quickly, offering users tips on how to avoid an Excel downfall. There's no word yet from the company on how to avoid this trap. (Source: news.com)

Rate this article: 
No votes yet