Microsoft Excel target of new zero-day exploit

News by Dan Kaplan

Attackers are exploiting a new zero-day vulnerability in Microsoft Excel, researchers said.

Attackers are exploiting a new zero-day vulnerability in Microsoft Excel, researchers said.

Microsoft on Friday released an advisory warning users that it is investigating reports of "very limited" exploits of Excel in Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Macintosh.

"This is an issue that could allow an attacker to execute code on a user's machine in their security context by convincing them to open a specially crafted Office document," Alexandra Huft said on the Microsoft Security Response Center blog.

Huft said Redmond currently is only aware of Excel serving as the vector, but she cautioned "the issue can affect all Office documents."

The new Office bug adds to a growing list of unpatched vulnerabilities in the popular application, including at least four affecting Word.

The next "Patch Tuesday" is scheduled for Feb. 13.

Click here to email reporter Dan Kaplan.

 

Topics:
Crime & Threats

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events