Zero day Excel

On June 16, 2006, in Security, by

<Do you really need to have Excel files come into your office via email?  No?  Then why the heck are your alllowing them to enter in the first place?  Block them.


From the Incidents listserve…


 There has been a report of a targeted attack leveraging a previously unknown vulnerability in Microsoft Excel. The vulnerability is triggered when a user opens a malicious xls file. Further information regarding this incident is available from the following sources.

Microsoft Excel Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/18422

Trojan.Mdropper.J
http://securityresponse.symantec.com/avcenter/venc/data/trojan.mdropper.j.html

Downloader.Booli.A
http://securityresponse.symantec.com/avcenter/venc/data/downloader.booli.a.html

Reports of a new vulnerability in Microsoft Excel
http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx

 

One Response to Zero day Excel

  1. Richard Tocci says:

    If you keep your anti virus defs up to date, this is not an issue. Symantec’s def dated 6/18/2006 covers this.