Microsoft warns of new 'Zero day' Excel 2003 vulnerability
A Microsoft Security Advisory note issued on January 15th revealed that Excel 2003 had been targeted by attacks on a previously unknown vulnerability.
The advisory provided few specific details, but explained that hackers would need to place a specially crafted Excel file on a Web site to launch an attack. Victims would be lured to the site by getting them to click a link in an e-mail or instant message.
The weak spot, which could allow hackers to run code on infected PCs, affects Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac. Microsoft said that so far, users of Microsoft Office Excel 2007 and Excel 2008 for Mac, or those who had installed Microsoft Office Excel 2003 Service Pack 3 were not affected.
Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a specially crafted document that is attempting to exploit this vulnerability.
"As the issue has not been publicly disclosed broadly, we believe the risk at this time to be limited," Microsoft said. Once it has investigated the wider impact of this new 'Zero day' (i.e. previously unreported) vulnerability, Microsoft would either provide a security update through its usual second Tuesday of the month release process, or issue an out-of-cycle security update if needed.
Reprinted from our sister site, AccountingWEB.co.uk
![]() |
Email sign-up
Voice of the Editor
What makes a company a great place to work? Experience, a ConnectEDU company, uses criteria that include benefits, career advancement opportunities, culture, and work/life balance to form its annual list of the Best Places to Work for Recent Grads. BDO USA and Ernst & Young both made the Top 25 list. Read what makes these firms stand out and find out what can be done at your firm to entice college grads.



