There is also an interesting bit of detail here- http://blogs.technet.com/swi/archive/2009/02/24/more-information-about-t he-new-excel-vulnerability.aspx
"We analyze a lot of Office content type exploits and this is the first time we have seen a working exploit in-the-wild that is able to run code on Office 2007." From: Free, Bob Sent: Wednesday, February 25, 2009 2:08 PM To: NT System Admin Issues Subject: RE: 0-Day Excel Also http://blogs.technet.com/msrc/archive/2009/02/24/microsoft-security-advi sory-968272.aspx From: Bill Songstad (WCUL) [mailto:[email protected]] Sent: Wednesday, February 25, 2009 8:33 AM To: NT System Admin Issues Subject: RE: 0-Day Excel http://www.microsoft.com/technet/security/advisory/968272.mspx Bill From: David Lum [mailto:[email protected]] Sent: Wednesday, February 25, 2009 8:29 AM To: NT System Admin Issues Subject: 0-Day Excel Wow, I hadn't heard of this via my regular channels (SANS, patch mgmt mailing list, here) http://tech.yahoo.com/news/pcworld/20090224/tc_pcworld/attackerstargetin gunpatchedvulnerabilityinexcel2007 David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
