The folks over on the MSRC blog just posted a note saying that Microsoft Security Advisory (968272) has now been published. They state that:
This advisory contains information regarding public reports of a vulnerability in Microsoft Office Excel that could allow for remote code execution if a user opens a specially crafted Excel file. At this time, we are aware only of limited and targeted attacks that attempt to use this vulnerability. We are developing a security update for Microsoft Office that addresses this vulnerability.
Products affected are Microsoft Office 2000, Microsoft Office 2002, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2004 for Mac, Microsoft Office 2008 for Mac, and Open XML File Format Converter for Mac.
For more details you can read the original post here.
J.C. Hornbeck | Manageability Knowledge Engineer