Microsoft warns of new 'Zero day' Excel 2003 vulnerability | AccountingWEB

Microsoft warns of new 'Zero day' Excel 2003 vulnerability

A Microsoft Security Advisory note issued on January 15th revealed that Excel 2003 had been targeted by attacks on a previously unknown vulnerability.

The advisory provided few specific details, but explained that hackers would need to place a specially crafted Excel file on a Web site to launch an attack. Victims would be lured to the site by getting them to click a link in an e-mail or instant message.

The weak spot, which could allow hackers to run code on infected PCs, affects Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac. Microsoft said that so far, users of Microsoft Office Excel 2007 and Excel 2008 for Mac, or those who had installed Microsoft Office Excel 2003 Service Pack 3 were not affected.

Users who have installed and are using the Office Document Open Confirmation Tool for Office 2000 will be prompted with Open, Save, or Cancel before opening a specially crafted document that is attempting to exploit this vulnerability.

"As the issue has not been publicly disclosed broadly, we believe the risk at this time to be limited," Microsoft said. Once it has investigated the wider impact of this new 'Zero day' (i.e. previously unreported) vulnerability, Microsoft would either provide a security update through its usual second Tuesday of the month release process, or issue an out-of-cycle security update if needed.

Reprinted from our sister site,

Wait, there's more!
There's always more at AccountingWEB. We're an active community of financial professionals and journalists who strive to bring you valuable content every day. If you'd like, let us know your interests and we'll send you a few articles every week either in taxation, practice excellence, or just our most popular stories from that week. It's free to sign up and to be a part of our community.
Premium content is currently locked

Editor's Choice

As part of our continued effort to provide valuable resources and insight to our subscribers, we're conducting this brief survey to learn more about your personal experiences in the accounting profession. We will be giving away five $50 Amazon gift cards, and a $250 Amazon gift card to one lucky participant.
This is strictly for internal use and data will not be sold
or shared with any third parties.