Microsoft vulnerability hits Excel

Posted by Mark Raby

Redmond (WA) - A new flaw has opened up in Microsoft Excel, which could allow an attacker to compromise a remote user's computer.

Microsoft warned this week that an attacker could use the vulnerability to create a malicious Excel file.  Users who open an infected file would be subject to having their computer compromised.

Users would need to download and open a malicious file for it to have any effect.  Once opened, though, the attacker has the ability to remotely access the victim's PC, exposing personal data and other documents.  This makes it a serious problem especially for businesses.

The vulnerability affects the following versions of Excel: 2000, 2002, Viewer 2003, 2003 Service Pack 2, and Mac Excel 2004.

So far Microsoft has not announced when it will be releasing a patch to fix the problem, but it has encourage users who think they may have been attacked to contact its support line and/or the appropriate law enforcement agency.