Security hole found in Excel

Latest News | News Archive |

Posted by: Tweaker
Date added: 09:14, 7th July 2006 GMT
Source: C/NET News

A hole in Microsoft Excel has been identified that could allow attackers to take control of a computer, a security group said Thursday--the third vulnerability affecting the popular spreadsheet program to surface in less than a month.

The flaw is due to a memory corruption error that occurs when handling or repairing a document containing overly long styles, the French Security Incident Response Team said in an advisory.

The flaw, which affects Excel 2000, 2002 and 2003 and Office 2000, XP and 2003, "could be exploited by attackers to execute arbitrary commands by convincing a user to open and repair a specially crafted Excel file," the advisory said.

A Microsoft representative said the company is investigating reports of a new vulnerability in Excel and was not aware of any attacks related to it.

"In order for this attack to be carried out, a user must first open a malicious Excel document that is sent as an e-mail attachment or otherwise provided to them by an attacker," the representative said in an e-mail. "Opening the Excel document out of e-mail will prompt the user to be careful about opening the attachment."

The vulnerability affects only users of Japanese, Korean or Chinese language versions of Excel, the Microsoft representative said.

Customers who believe they are affected can get more information on Microsoft's security Web site.

  Tools: Post a comment | Link to this news item | Send to a friend | Submit News

Error: You are not logged in.

In order to leave comments to news articles you must be a Cyber Tech Help Member.

Registration is completely free!    Register to become a member

Along with access to leave comments to news articles you will be able to ask any computing questions you might have on the Cyber Tech Help Forums.

[  To top | Latest News | News Archive | ]