Microsoft Confirms Un-patched Flaw in Excel
Microsoft has confirmed a new vulnerability in some versions of the popular software Excel, which belongs to the Microsoft Office package.
The flaw affects Microsoft Excel in all versions of Office except 2007. The affected versions are Office 2000, Office XP, Office 2003 and Office 2004 for Macintosh.
Any maliciously crafted Excel file (.xls) can exploit the flaw to infect a system with a virus payload.
In all, five MS Office exploits currently await patches from Microsoft. Four of these are centered on Word. It is not yet known whether these patches will arrive on 'Patch Tuesday', February 13, 2007. This and other Office advisories involve an unwary user clicking on a craftily designed Excel document, which allows the attacker to gain privileges on the system.
It is, however, possible to limit the damage if the user opening the infected file does so from an account that does not have administrator rights on the system. Because the virus obtains the same access rights as the user in this kind of attack, it also inherits the restrictions placed on that user for security reasons. This can potentially prevent the virus from fully installing its Trojan payload.
Although Microsoft has confirmed that it knows about the flaw, the company has yet to release a fix for it. The virus that security research companies found installed a variant of the 'BackDoor-CWA' Trojan. This program can enable remote access to an infected system. It is also capable of connecting to a remote system to tell the attacker that another system is under their command. The Trojan establishes itself and stays on the system so that it becomes active whenever the computer runs, under the guise of a system service.
Microsoft recommends that users not save or open unknown Excel documents and attachments. The company also advises them to update their OneCare Live software, which can locate and eliminate any malicious .xls files. In addition, they should maintain an updated malware and virus scanner on their systems.
» SPAMfighter News - 09-02-2007