And yet again, Secunia has issued an extremely critical security warning. This time it involves a memory corruption issue in Excel’s repair mode. Secunia says:
“The vulnerability is caused due to a memory corruption error in the ‘repair mode’ functionality used for repairing corrupted documents. This can be exploited via a specially crafted Excel documents.
Successful exploitation allows execution of arbitrary code.
The vulnerability has been confirmed on a fully updated Windows XP SP2 system with Microsoft Excel 2003 SP2. Other versions may also be affected.”
So, what does that mean? Well, be extremely careful opening untrusted excel attachments. Basically, when in doubt do not open untrusted Excel documents.
These are the versions affected:
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel Viewer 2003
Microsoft Office 2000
Microsoft Office 2003 Professional Edition
Microsoft Office 2003 Small Business Edition
Microsoft Office 2003 Standard Edition
Microsoft Office 2003 Student and Teacher Edition
Microsoft Office 2004 for Mac
Microsoft Office X for Mac
Microsoft Office XP
[tags]Excel repair mode vulnerability, excel vulnerability, excel zero day exploit[/tags]
