Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Security

MS Excel Users Susceptible To New Vulnerability 64

Posted by CmdrTaco from the safer-and-safer dept.
nandemoari writes "Microsoft has warned users that yet another critical vulnerability has been found in its popular Office spreadsheet program Excel. The flaw could allow remote hackers to open and run malicious code on an unsuspecting user's computer through an infected spreadsheet file. Products affected include Office 2000, Office 2002, Office 2003, Office 2007, Office 2004 for Mac, Office 2008 for Mac, and the Open XML File Format Converter for Mac."
This discussion has been archived. No new comments can be posted.

MS Excel Users Susceptible To New Vulnerability More

MS Excel Users Susceptible To New Vulnerability

Comments Filter:

  • dupe? (Score:5, Informative)

    by pak9rabid ( 1011935 ) on Wednesday February 25, 2009 @02:54PM (#26984813)
    http://it.slashdot.org/article.pl?sid=09/02/24/1938259 [slashdot.org]

  • Really?? (Score:4, Funny)

    by aztektum ( 170569 ) on Wednesday February 25, 2009 @02:55PM (#26984825)

    I hadn't heard [slashdot.org]

  • Leave it to Microsoft... (Score:2, Insightful)

    by Anonymous Coward

    ... to create a vulnerability on my Mac.

  • And people wonder why... (Score:4, Insightful)

    by Indy1 ( 99447 ) on Wednesday February 25, 2009 @02:56PM (#26984853)

    I choose to use open office, even though I get M$ office free through work.

    • Re: (Score:3, Insightful)

      by account_deleted ( 4530225 )
      Comment removed based on user account deletion

      • Oo Writer is fine, and I use Oo exclusively at home on the principle that document standards should be open.

        But yes, I use Excel at work and Calc at home, and Calc is very annoying by comparison.

        For one thing, Excel will let you set a default number format (currency, integer, date, etc) on a whole row or column and whatever you enter thereafter will use that format. I try that with Calc, and it never works. Not only does it not remember the setting, but it forces me to apply the formatting to EACH individua

        • I'm not sure what you are doing. But you are doing it wrong.

          I've been using OOoCalc for a little over a year. It does have some annoyances, but loss of pre set formats is not one of them. I suspect that there is a default setting or preference that governs this.

          Personal annoyances:

          1. Cursor control: If I scroll off the screen while highlighting, sometimes I get into a runaway scrolling situation. This is on Ubuntu, and it might not belong to OOo. Workaround: Don't do that.
          2. OOoCalc likes semi-colons in pl

          • I'm not sure what you are doing. But you are doing it wrong.

            What I am doing is highlighting some cells, and going to Format, Cells, and choosing a format. (I'm basing this on Excel, which I have in front of me right now, but I believe the steps are the same in Oo.) How is that not the right way to format cells?

            I've been using OOoCalc for a little over a year. It does have some annoyances, but loss of pre set formats is not one of them. I suspect that there is a default setting or preference that governs thi

            • Sounds like possibly the formating you have set up in advance of data entry is being overwritten by the "AutoInput" reformating capability, or something like that.

              Play around with your settings under Tools/Cell_Contents and Tools/Auto_Correct. Also, look over the options in Tools/Options.

              Also, get familiar with your resources. The OOo Help system is generally more useable than MS Help ever was (it is not yet complete and some of the entries need more clarification... but the volunteers are continously i

  • a 0 day exploit?

  • Does this mean that OpenOffice is the workaround for the moment?

    • Re:OO to the rescue? (Score:4, Informative)

      by Rary ( 566291 ) on Wednesday February 25, 2009 @03:10PM (#26985035)

      Does this mean that OpenOffice is the workaround for the moment?

      Well, that, or not opening unexpected spreadsheets emailed to you by random strangers.

      • Re: (Score:1)

        by Jaden42 ( 466735 )

        Well, that, or not opening unexpected spreadsheets emailed to you by random strangers.

        Or not have friends who do the same thing.

        And they'll tell two friends... and they'll tell two friends..

      • Re:OO to the rescue? (Score:4, Informative)

        by cortesoft ( 1150075 ) on Wednesday February 25, 2009 @03:27PM (#26985241)

        The problem with this strategy is the the emails are often times from people you know. These don't normally spread because some spam farm is emailing random addresses, but by having an infected person's computer email all the addresses in their address book (people you know) a copy of the virus. So basically the advice should be to never open unexpected spreadsheets from ANYONE, not just random strangers.

        • Re: (Score:2)

          by Rary ( 566291 )

          Actually, in this case, the attacks have mainly been directed at specific targets. Nevertheless, if someone does decide to add the old "email to everyone in contact list" functionality to this, you're still safe as long as you ignore any strange emails with spreadsheets attached, even if they come from someone you know.

          Either way, as an Excel user, I can't say I'm going to lose any sleep over this one.

          • Re: (Score:2)

            by Bert64 ( 520050 )

            Or until someone implements functionality to "infect any spreadsheet on the local machine"...
            That way all it takes is for someone you know to be infected, and the next time they send you a spreadsheet for whatever reason it's infected.

        • Yes, people you know. For example, per my antivirus software the last XLS document on this page;
          http://www.insurance.mo.gov/industry/forms/index.htm [mo.gov]

          has MS08-057 exploit in it. My local state government.

      • ... is a reliable indicator of who sent the email... ;-)

        • Re: (Score:2)

          by Rary ( 566291 )

          ... is a reliable indicator of who sent the email... ;-)

          Well, even if it appears to come from someone you know, it's not that difficult to avoid.

          Here's a test. Would you open the attachment if you received the following email from your mom?

          From: Mom
          Subject: info
          Attachment: morgage.xls
          here is the info you reqeusted

          • Yes, because I know how bad my mum is at spelling - the misspelling of mortgage is a dead give away that it's her.
          • You must not know very many people. I have gotten many valid messages of that caliber of spelling and grammar. Hell, I'm lucky if they even have a subject sometimes.
      • Because, you know, malware sending spams looking as if they came from your acquaintances do not exist at all.

      • Re: (Score:1)

        by Joska ( 78000 )

        Since this scored a 5, it may be helpful to define random strangers and compare the relative threat they pose with the other types. Being a simple soul, it had already occurred to me to avoid opening attachments from unknown sources, but this new level of complexity has me intrigued.

        Perhaps I'm being pedantic, in which case, I'm sorry. ;)

      • Good thing I only know very specific strangers.

      • Re: (Score:2)

        by Bert64 ( 520050 )

        Or if your on a corporate network where you have file shares, not opening any file on the public file shares incase another user has been infected and spread it to public shares...

        Or not opening expected spreadsheets from trusted sources because most malware tries to send itself to addresses found in your address book or inbox...

  • Pewwww, finally Microsoft comes to the rescue and takes the heat from us, as always. Bob, send the excel team a cake.

  • Second dupe today from nandemoari going to infopackets.com.

    Someone's fishing for traffic here.

  • Is this a flaw [securityfocus.com] in the Operating System [zgp.org] or a flaw in the application like the Adobe [dailytech.com] one and who is to blame this time ...

  • They can do better, here's proof. (Score:4, Informative)

    by b4dc0d3r ( 1268512 ) on Wednesday February 25, 2009 @03:49PM (#26985589)

    http://support.microsoft.com/kb/935865 [microsoft.com]

    The Microsoft Office Isolated Conversion Environment (MOICE) feature that is added to the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats is used to more securely open Word, Excel, and PowerPoint binary format files.

    They have the code to do this securely... but can't implement it because users want the features which allow security holes. Disable macros and probably internet connections too, convert the file, then open it. Look at all the "issues", which are essentially MS saying these are dangerous (but still in the design).

    • After you use MOICE to convert a file, the default save location is the %temp% folder when you try to save the file. Also, the %temp% folder is the default folder when you try to open a file.
    • Anyone who has access to the computer can view the files in the %temp% folder.
    • When you use MOICE to convert a file, the converted file is saved in the %temp% folder. The converted file is not deleted from the %temp% folder when the file is closed. If a file is opened multiple times, the file is converted multiple times. Additionally, more than one copy of the file is saved in the %temp% folder. If you have made changes to the first copy of the document, the second copy of the document will not contain the changes.
    • By default, the applicable program opens after MOICE finishes a file conversion. Then, the converted document is opened. (...snipped...)
    • Smart tag data is stripped from PowerPoint presentations when you use MOICE to convert a presentation that contains smart tags.
    • Macros are stripped from files when you use MOICE to convert files that contain macros.
    • When you open a file by using a link inside a file that has been converted by MOICE, the linked file is not converted by MOICE.
    • Embedded documents cannot be converted.
    • Documents that use rights management cannot be converted.
    • Documents that use passwords cannot be converted.
    • You cannot use the Edit Document in Microsoft Office Program_Name feature in Microsoft SharePoint when you use MOICE to convert Office files.
    • If damage exists, it will be removed from a binary Word 97-2003 Document (*.doc) file during the conversion. Therefore, the contents of the file may change unexpectedly.
  • "Our own research, however, has concluded that open source software exposes users to significant and unnecessary business risk [networkworld.com], as the security is often overlooked, making users more vulnerable to security breaches,"

    "That's not to say that commercial software isn't without risks, but any flaws on commercial applications tend to get patched a lot faster than on open source, as the vendors producing the software have a lot more to lose than an open source programmer,"

    "New variant of Conficker worm [cnet.com] circu

  • http://it.slashdot.org/article.pl?sid=09/02/25/024211 [slashdot.org]

    Yet another case where a document has blurred into an application, the way Windows blurred from a WM to an OS.

    DONT CROSS THE STREAMS! Curse you von Neumann.

  • A Test Case? (Score:1, Funny)

    by Anonymous Coward

    I work with security and would love to know how to craft such files for, *cough*, academic reasons. Any hints?

  • I wonder what the world would be like, if the law forced every software manufacturer to notify their users about known vulnerabilities - how severe they are and how long they have been unfixed... maybe have a widget on the desktop, showing the top 20 very severe, unfixed vulnerabilities... I think I would bet my life, that windows would hardly exist on the market anymore...

Slashdot Top Deals

The optimum committee has no members. -- Norman Augustine

Close