Microsoft warns of new 'Zero day' Excel 2003 vulnerability
A Microsoft Security Advisory note issued on January 15th revealed that Excel 2003 had been targeted by attacks on a previously unknown vulnerability.
The advisory provided few specific details, but explained that hackers would need to place a specially crafted Excel file on a Web site to launch an attack. Victims would be lured to the site by getting them to click a link in an e-mail or instant message.
The weak spot, which could allow hackers to run code on infected PCs, affects Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac. Microsoft said that so far, users of Microsoft Office Excel 2007 and Excel 2008 for Mac, or those who had installed Microsoft Office Excel 2003 Service Pack 3 were not affected.
Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a specially crafted document that is attempting to exploit this vulnerability.
"As the issue has not been publicly disclosed broadly, we believe the risk at this time to be limited," Microsoft said. Once it has investigated the wider impact of this new 'Zero day' (i.e. previously unreported) vulnerability, Microsoft would either provide a security update through its usual second Tuesday of the month release process, or issue an out-of-cycle security update if needed.
Reprinted from our sister site, AccountingWEB.co.uk
Voice of the Editor
Which isn’t completely true. I mean, occasionally I drop by when I manage to sneak out of the nonstop frat party over at Going Concern, but I’m mostly a wallflower over there. I’m happy to say that I’ve been given express permission (or explicit orders, if you like) to wander over here to AccountingWEB more often.
Why is that, you might ask? My job is to replace the irreplaceable Gail Perry as Editor-in-Chief. What does that mean? I don’t really know! I think it’ll be fun getting a feel for things, throwing in my own thoughts here and there, and listening to the discussions you’re having about the accounting profession.