Peaches Posted February 25, 2009 Report Share Posted February 25, 2009 Microsoft Excel Invalid Object Reference Vulnerability 2009-02-24 Extremely critical Software: Microsoft Excel 2000Microsoft Excel 2002Microsoft Excel 2003Microsoft Office 2000Microsoft Office 2003 Professional EditionMicrosoft Office 2003 Small Business EditionMicrosoft Office 2003 Standard EditionMicrosoft Office 2003 Student and Teacher EditionMicrosoft Office 2004 for MacMicrosoft Office 2007Microsoft Office 2008 for MacMicrosoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File FormatsMicrosoft Office Excel 2007Microsoft Office Excel Viewer 2003Microsoft Office Excel Viewer 2007Microsoft Office XP Description:A vulnerability has been reported in Microsoft Excel, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to an error that may cause an invalid object to be referenced when opening an Excel document.Successful exploitation allows execution of arbitrary code.NOTE: According to Microsoft, the vulnerability is currently being actively exploited. Secunia Advisories ... http://secunia.com/advisories/33954/ Quote Link to post Share on other sites
Peaches Posted February 25, 2009 Author Report Share Posted February 25, 2009 and also read the following ...........Hackers Exploit Excel 'Zero-Day' Flaw Gregg Keizer, Computerworld Tuesday, February 24, 2009 1:38 PM PST For the second time in the past five days, security researchers are warning that hackers are exploiting a critical unpatched vulnerability in widely-used software. Attackers are exploiting a "zero-day," or unfixed, flaw in Microsoft Corp.'s popular Excel spreadsheet, using the bug to hijack select systems in Asia, many of them in government offices and high-profile corporations, said Vincent Weafer, vice president of Symantec Corp.'s security response group. Hackers have been using another unpatched vulnerability in Adobe Reader for several weeks in a similar fashion, although now that the exploit code has gone public, experts expect to see attacks quickly increase. The newest vulnerability, which is in all supported versions of Excel, including the latest -- Excel in Office 2007 on Windows and in Office 2008 for the Mac -- is in the program's file format, said Weafer. PC World story: http://www.pcworld.com/businesscenter/arti...roday_flaw.html Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.