In mid-January Microsoft confirmed that a new, previously unknown Excel vulnerability was used in targeted attacks. Anti-virus vendors had information about these Trojans several days earlier. And this week US-CERT issued a warning about the new wave of exploitation: http://www.us-cert.gov/current/#trojan_exploiting_microsoft_excel_vulnerability
After more than two months there is a fix available for this extremely critical Microsoft Excel vulnerability. According to the new information the issue is not related to the handling of header information - the flaw exist in macro processing. More at http://blogs.securiteam.com/index.php/archives/1074 Go and patch your Office installations: http://www.microsoft.com/technet/security/Bulletin/MS08-014.mspx Juha-Matti _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
