« Conficker Worm Technical Analysis | Main | Microsoft Not Patching Excel Security Flaw »
03/02/2009
New Trojan Targets Unpatched Microsoft Excel Flaws
Co-Editor
There's recent news afoot from a number of sources, including The Register about a Microsoft Excel Trojan.
Several versions of Excel are vulnerable to this particular bit of malware including:
Excel 2000 Excel 2002 Excel 2003 Excel 2007 Excel 2004/2008 for Mac Excel Viewer Excel Viewer 2003
How do you get this trojan
Since it takes advantage of a flaw in Excel (and the Excel viewer), all you need to do is open an Excel spreadsheet with a specially crafted spreadsheet. Once you open it, the trojan payload is instantly delivered to your system.
What's being done
As of this writing, Microsoft's official word on the Excel Vulnerability is,
"At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability."
The Microsoft Security Advisory goes on to say they've not yet decided to release a patch as a part of "Patch Tuesday", a service pack, or something "out-of-cycle."
As with any new virus, trojan, or other malware, we urge readers to make sure you're running current antivirus software and that your antivirus signatures are up to date.
If you're not sure if your antivirus software is up-to-snuff and does everything it should, we have a page to help you compare antivirus software.
TrackBack
TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a0133f40d81f4970b0134876491c2970c
Listed below are links to weblogs that reference New Trojan Targets Unpatched Microsoft Excel Flaws :
The comments to this entry are closed.
Comments
You can follow this conversation by subscribing to the comment feed for this post.