Second Excel Attack Discovered by a Hacker

Last week I wrote about an excel vulnerability that got surfaced. This week a hacker has posted a code that could exploit the vulnerability of excel spreadsheet.

The bug is not public knowledge yet. The bug could be exploited to run unauthorized programs on a Windows computer.

This latest Excel attack was disclosed Monday in a posting to the Full Disclosure security discussion list.

Both attacks(last week and this week) rely on users to open maliciously encoded Excel documents, but this new attack is less critical than the first. That’s because users must take the additional step of clicking on a specially crafted hyperlink for the attack to work. On Excel 2003, even more work is required, as users must also dismiss a warning pop-up window before the malicious code can run.

With Windows patching up all its bugs, hackers are trying to find bugs in different ways. Office is another software which is largely installed on most PCs. Hence the hackers are looking out for new avenues on Office. We have already seen some Word bugs and now a series of Excel bugs. As Microsoft fights hard to improve security, these kind of loopholes only act as a foundation that could strengthen the security in the future.

By: abs | 2006/06/24 | Windows - Software | Trackback | Comments [RSS 2.0]

Leave a Comment

Note: Email will not be displayed. Comments auto-close after 14 days.

XHTML: Line-breaks are automatic. Available tags are <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>