Zero-Day Excel Exploit In the Wild 117
snydeq writes "Microsoft Excel has a zero-day vulnerability that attackers are exploiting on the Internet, according to security vendor Symantec. The problem affects Excel 2007 both without and with Service Pack 1, according to an advisory on SecurityFocus, and other versions going back to Excel 2000. The program's vulnerability can be exploited if a user opens a maliciously crafted Excel file, allowing a hacker to leave a Trojan horse on the infected system."
A work-around for it... apk (Score:2, Interesting)
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileOpenBlock]
"BinaryFiles"=dword:00000001
APK
And what about SharePoint? (Score:4, Interesting)
While such a vector would be pretty useless on the public nets, just out of academic curiosity, I wonder: how fast would this critter would travel if it got loaded onto a SharePoint site (you know, one with the handy Excel-handling plugin turned on?)
Looking at it from the other end, how do you protect from such an eventuality without shutting off the plugin?
MS Vista becoming more secure? (Score:3, Interesting)
Is this true? Any corroborating info from anyone?
Funny, but that won't help solve the problem. (Score:4, Interesting)
Some people have jobs which require opening email attachments from unknown people. Secretaries are often the first point of contact for files sent by the general public. The secretary is often charged with opening the attached file(s) to make sure they're conformant in some organizational sense, then placing a copy of the file somewhere appropriate (such as a file server where other people can further vet the files).
I can easily see a situation where people are asked to upload files via a website to be opened by a committee later. Then everyone on the committee could be running on their machine with an administrative account (common for people who just bought a computer, sometimes having an admin account is viewed as a position of power and privilege).
I'm not saying that any of these problems can't be solved. I'm saying that to frame the issue as strange malcontents trying to take advantage of someone isn't addressing the complexity of the issue at hand.
It seems that this is just another area where overly-capable file formats, proprietary software, and programs that attempt to do too much are all coming together in an unpleasant way...again.