Blog Post

Excel Malformed File Vulnerability - Remote Code Execution

,

Today, Microsoft release a security advisory about a new vulnerability in Microsoft Excel. This one affects both PCs and Macs. The Microsoft Security Response Center blog has a post there as well. SecurityFocus has a bit more information, basically indicating Symantec is detecting files containing an exploit to the vulnerability as Trojan.Mdropper.AC.

Basically, the vulnerability is an attacker can create a malformed file which can then execute code on the system. That code will run in the context of the user opening the Excel document.

Thus far the indications from both Microsoft and Symantec is the attack is not very widespread. However, as with any attachment or download, make sure it's from someone or somewhere you trust and make sure it's expected before opening said file.

 

Rate

You rated this post out of 5. Change rating

Share

Share

Rate

You rated this post out of 5. Change rating