Asian Excel versions hit by spreadsheet vulnerability

Posted by Humphrey Cheung

Security company Secunia identified a new vulnerability in Asian versions of Microsoft Excel style sheets that theoretically allows malicious code to be executed. According to alert issued by Secunia, specially crafted spreadsheets containing "overly long styles" can cause a buffer overflow that crashes Excel. The execution of malicious code is possible if the user clicks on the "repair the document" or "style" option.

Fortunately, this vulnerability only affects Asian language versions of Excel 2000, 2002 and 2003. So far, the exploit has not yet been seen in the wild.