Network News

X My Profile
View More Activity

Microsoft Warns of Attack Via Unpatched Excel Flaw

Microsoft says it was made aware today of a previously unknown security hole in its Excel spreadsheet program that was used in at least one targeted attack against Windows users.

In a blog post put up this evening (ignore the time stamp; Microsoft's blog is set to GMT), Microsoft had this to say about the flaw: "In order for this attack to be carried out, a user must first open a malicious Excel document that is sent as an e-mail attachment or otherwise provided to them by an attacker. (Note that opening it out of email will prompt you to be careful about opening the attachment.) So remember to be very careful opening unsolicited attachments from both known and unknown sources."

Always good advice. Anyway, Microsoft isn't offering much more information about this particular flaw at the moment, but a source of mine forwarded me a link to a security advisory Symantec posted today that supposedly includes a brief description of the threat Microsoft described. The folks over at the SecuriTeam Blog also have posted some information on this as well.

Update, 2:10 p.m. ET, June 16: As one commenter pointed out, the piece of malware from that Symantec post that actually does the exploiting of this unpatched Excel flaw is another bugger described in the advisory, which Symantec is calling Trojan.Mdropper.j

By Brian Krebs  |  June 15, 2006; 7:42 PM ET
Categories:  Latest Warnings  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: New Adobe Version Plugs Security Holes
Next: ZoneAlarm Update Flaky for McAfee Users

Comments

I wonder how would users of OpenOffice or Google's new Spreadsheet web service fair by using these applications to open suspected files instead of MS Excel.

I'd expect they'll fair well - or am I missing something?

Posted by: Amos | June 15, 2006 9:01 PM | Report abuse

You want the phrase "they'll fare well", not "fair well". This is the same word used to form the traditional parting salutation "farewell" and means "to journey". It is completely distinct from it's homonym "fair" as in even-handed. If there's any confusion, just say "do" instead.

Posted by: TEFL | June 15, 2006 9:23 PM | Report abuse

TEFL, if you're a reular reader of this blog, and undertake to correct all commenters' lapses in good English and spelling errors, you'll be a very busy person. Fare thee well!

Posted by: Pete from Arlington | June 16, 2006 12:52 PM | Report abuse

Commenters should proof their comments, too! Try "regular."

Posted by: Pete from Arlington | June 16, 2006 12:54 PM | Report abuse

"In a blog post put up this evening (ignore the time stamp; Microsoft's blog is set to GMT)"

Huh? What kind of idiot suggests ignoring the time on the blog post because it's not in his own time-zone? Anything which doesn't specify a time zone should be in UTC.

Posted by: James. | June 16, 2006 1:14 PM | Report abuse

The Symantec link is about Downloader.Booli.A; it seems to have nothing to do with Excel. Am I missing something?

(Seemingly obligatory grammar/spelling snark left out.)

Posted by: John Schofield | June 16, 2006 1:37 PM | Report abuse

Posted by: John Schofield | June 16, 2006 1:41 PM | Report abuse

John -- you are, of course, correct. I updated the blog to make it more specific. Thanks.

Posted by: Bk | June 16, 2006 2:23 PM | Report abuse

We users continue to pay for the "power" of MS applications. Seems like every app has to be a "platform" with direct access to the OS. Unfortunately Google and other web companies are trying to become platforms as well, which means security problems like the recent Yahoo mail worm will only become more prevalent. Why can't these companies live by the words that have guided Spiderman so well: with great power comes great responsibility. Think of your users before you try to make that app a platform.

Posted by: Qian Wang | June 16, 2006 5:13 PM | Report abuse

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company