Follow Liquidmatrix

FacebookTwitterRSS

Subscribe by Email

Second Zero-day Excel Flaw Emerges

For those of you that are still using the operating system from Redmond (insert Mac sigh) be aware that there is another Excel zero day exploit in circulation.

The latest vulnerability could cause Excel to crash after a malicious file is opened, according to an alert Symantec sent to customers on Monday. The security company also said there was a risk that an intruder could commandeer a PC. “Attackers may also be able to execute arbitrary codeā€¦but this has not been confirmed,” it said.

Excel doesn’t check user input before it’s copied into a memory buffer. This according to Symantec.

Some experts believe the timing of the new exploits is no coincidence, as miscreants will have a month until patches are available. Microsoft typically does not release fixes outside of its monthly patching cycle for such flaws, these experts said.

Be sure to take due care until this is patched.

Secunia Advisory
Article Link

[tags]Excel, Zero Day, Exploit, Vulnerability, Microsoft, Symantec, Mac[/tags]

Posted by on June 20, 2006. Filed under App Security,Exploit. You can follow any responses to this entry through the RSS 2.0. You can leave a response or trackback to this entry

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>