funsec mailing list archives
State of targeted attacks - criminals exploiting Excel vuln during two months
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Wed, 12 Mar 2008 00:54:01 +0200 (EET)
In mid-January Microsoft confirmed that a new, previously unknown Excel vulnerability was used in targeted attacks. Anti-virus vendors had information about these Trojans several days earlier. And this week US-CERT issued a warning about the new wave of exploitation: http://www.us-cert.gov/current/#trojan_exploiting_microsoft_excel_vulnerability After more than two months there is a fix available for this extremely critical Microsoft Excel vulnerability. According to the new information the issue is not related to the handling of header information - the flaw exist in macro processing. More at http://blogs.securiteam.com/index.php/archives/1074 Go and patch your Office installations: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- State of targeted attacks - criminals exploiting Excel vuln during two months Juha-Matti Laurio (Mar 11)