More information about the new Excel vulnerability

This morning, we posted Security Advisory 968272 notifying of a new Excel binary file format vulnerability being exploited in targeted attacks. We wanted to share more information about the vulnerability to help you assess risk and protect your environment. Office 2007 being targeted The current attacks we have seen target users of Office 2007 running…

0

MS08-043 : How to prevent this information disclosure vulnerability

In this month’s update for Excel we addressed an interesting CVE (CVE-2008-3003) – the first vulnerability to affect the new Open XML file format (but it doesn’t result in code execution). This is an information disclosure vulnerability that can arise when a user makes a data connection from Excel to a remote data source and…

0