Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Excel Spreadsheets Being Used in Exploiting Flash Vulnerability

Although a critical vulnerability in Flash, which had been installing malware in computers since
July 2009, was recently patched by security experts, cyber criminals have discovered a new vector
to exploit it again. The new vector includes insertion of malicious SWFs in Microsoft Excel

The sample file comes as an empty Excel spreadsheet but two Flash objects are cleverly hidden in
one of the cells. As per the security company, the two Flash objects are nothing but trojans
named 'Troj/SWFExp-N' and 'Troj/SWFExp-M' with same functionalities as were found in the PDF
format recently.

In the latter half of July 2009, security experts warned Adobe Flash Player users about a
vulnerability that had been exploited wildly by hackers with the help of malicious SWF files.
Besides, drive-by download assaults using SWF files, it was proved that Acrobat and Adobe Reader
were vulnerable because they had the ability to insert Flash stream in PDF files.

Adobe released an update to fix this vulnerability towards the end of July 2009, for its AIR,
Flash Player, Acrobat and Reader products. However, both cyber criminals and security industry
are very well aware of the fact that several corporate and individuals don't patch regularly.

On such occasions, antivirus products appear as the only way of security and majority of these
have additional detection for malicious PDF and SWF files. Though, security researchers at
security firm Sophos have warned that to fight antivirus protection, cybercriminals have started
using Excel files that also facilitate embedded Flash.

The researchers further explained that it was just sometime before the antivirus products held up
and began blocking the suspicious PDFs; consequently, the entire game has now shifted onto
discovering compound files able to embed and invoke Flash objects. OLE2 Compound Document Format
of Microsoft well suits this and so it is being severely exploited, reported softpedia.com on
August 5, 2009.

Peter Szabo, Senior Researcher, SophosLabs Australia, warns that this recent attack will most
probably be tailored to include Word documents and PowerPoint as well, as per the news published
by Softpedia.com on August 5, 2009. So, he strongly urged all users to upgrade Flash Player's
latest version.

Related article: Excel Displays Three Holes

ยป SPAMfighter News - 8/21/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page