Critical Excel vulnerability features in July's 'patch Tuesday'

Excel 2007 featured in the security updates issued by Microsoft on July 10, the traditional second Tuesday scheduled for the company's monthly bulletins.

The Excel vulnerability could allow malicious code to be downloaded and run by causing a "buffer overflow" when a user opens a specially crafted Excel file. People with administrative user rights on their machine will be more at risk that those without.

Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

It is rated as critical for Microsoft Office 2000 and Excel 2000 with Service Pack 3 patches applied, but important for Office XP/Excel 2002, 2003 (Service Pack 2) and Excel 2007.

For an attack to be successful a user must open an attachment that is sent in an e-mail message.

Critical alerts were also published concerning the Windows Active Directory and .NET Framework. See July's security bulletin summary for links to full descriptions and patch downloads.

You may like these other stories...

Whenever I speak to accountants about creating a cloud practice, the most common question is, “How do I charge my clients?” Ten years ago, maybe even five years ago, if I would’ve posed this question...
While reputational risk is the No. 1 nonfinancial concern among corporate directors, cybersecurity/IT risk is gaining steam. In fact, both private companies and organizations with more than $1 billion in revenue felt they...
Accountants who specialize in forensic and valuation services point to electronic data analysis, or big data, as the most pressing issue they’ll face in the coming months, according to results of a new survey released...

Upcoming CPE Webinars

Jul 31
In this session Excel expert David Ringstrom helps beginners get up to speed in Microsoft Excel. However, even experienced Excel users will learn some new tricks, particularly when David discusses under-utilized aspects of Excel.
Aug 5
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.
Aug 20
In this session we'll review best practices for how to generate interest in your firm’s services.
Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.