For those of you that are still using the operating system from Redmond (insert Mac sigh) be aware that there is another Excel zero day exploit in circulation.

The latest vulnerability could cause Excel to crash after a malicious file is opened, according to an alert Symantec sent to customers on Monday. The security company also said there was a risk that an intruder could commandeer a PC. “Attackers may also be able to execute arbitrary code…but this has not been confirmed,” it said.

Excel doesn’t check user input before it’s copied into a memory buffer. This according to Symantec.

Some experts believe the timing of the new exploits is no coincidence, as miscreants will have a month until patches are available. Microsoft typically does not release fixes outside of its monthly patching cycle for such flaws, these experts said.

Be sure to take due care until this is patched.

Secunia Advisory
Article Link

[tags]Excel, Zero Day, Exploit, Vulnerability, Microsoft, Symantec, Mac[/tags]

Leave a Reply

Your email address will not be published. Required fields are marked *