Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Unpatched Excel Flaw Surfaces, Attacks Made

Hard on the heels of Tuesday's massive security update, on Thursday Microsoft disclosed that an attack is in play which exploits an unpatched bug in the popular Excel software.

The attack allowed hackers to hijack PCs.

According to a posting on the Microsoft Security Response Center blog, one customer was hit with a targeted attack via malicious Excel spreadsheets attached to e-mail messages. The MSRC, however, was skimpy with details.

"Here's what we know: In order for this attack to be carried out, a user must first open a malicious Excel document that is sent as an email attachment or otherwise provided to them by an attacker," wrote Mike Reavey, an MSRC program manager. "Note that opening it out of email will prompt you to be careful about opening the attachment. So remember to be very careful opening unsolicited attachments from both known and unknown sources."

Symantec, however, had more information.

  • 1