Redmond (WA) - A new flaw has opened up in Microsoft Excel, which could allow an attacker to compromise a remote user's computer.

Microsoft warned this week that an attacker could use the vulnerability to create a malicious Excel file.  Users who open an infected file would be subject to having their computer compromised.

Users would need to download and open a malicious file for it to have any effect.  Once opened, though, the attacker has the ability to remotely access the victim's PC, exposing personal data and other documents.  This makes it a serious problem especially for businesses.

The vulnerability affects the following versions of Excel: 2000, 2002, Viewer 2003, 2003 Service Pack 2, and Mac Excel 2004.

So far Microsoft has not announced when it will be releasing a patch to fix the problem, but it has encourage users who think they may have been attacked to contact its support line and/or the appropriate law enforcement agency.

Just noticed...timestamp

Jan 18, 2008 14:32     

It appears as though the timestamp on the link for each article from the index page is exactly one hour off from the timestamp of the destination page of the articles themselves. Don't know if this means they are on different servers, or if it might be coded that way. Just thought I would throw it out there.
Nick B report abuse vote down vote up Votes: +0

M$

Jan 18, 2008 15:15     

For the life of me I'll never understand why M$ hasn't learned from it's mistake of letting it's apps have back door access to critical OS components. I'm sure it's easier but hey M$ maybe just build your apps on top of the OS like everyone else has too and maybe you'll save some money on patches.
Action Jackson report abuse vote down vote up Votes: +0