Monday, February 23, 2009

Brand Spanking New Excel 0-day Being Exploited in the Wild

Via ZDNet -

Symantec is reporting that a new remote vulnerability has been discovered in Microsoft Excel 2007, and that this vulnerability is being exploited in the wild.

Details are sparse, but it looks like Symantec has discovered a code-execution vulnerability in Excel 2007 and Excel 2007 SP1. The issue is being actively exploited in the wild by a variant of the Mdropper trojan.

There is no patch for the vulnerability yet, so until one arrives, don’t open anything that looks like an Excel document from sources you cannot completely trust and verify.

No comments:

Post a Comment