Slashdot Mirror


Microsoft Confirms Excel Zero-Day Attack

Guglio writes "Eweek has a story about a new, undocumented Excel flaw that is being used in a targeted attack against an unnamed business. The latest zero-day attack comes just two days after Patch Tuesday (coincidence?) and less than a month after a very similar, 'super, super targeted attack' against business interests overseas. The back-to-back zero-day attacks closely resemble each other and suggest that well-organized criminals are conducting corporate espionage using critical flaws purchased from underground hackers."


  1. Solution? by Anonymous Coward · · Score: 0, Interesting

    If criminal orgs are purchasing exploits, why doesn't Microsoft? (it's not like they don't have the money!)

  2. news? by bcrowell · · Score: 4, Interesting

    Why is this news? If users are willing to click on an attachment from someone they don't know, then of course they're extremely vulnerable. Of course, the problem is made worse by the fact that MS makes it so difficult not to run with administrator privileges. If this is really targeted at a particular business, then the solution seems pretty simple: that business tells all their employees not to click on attachments from people they don't know, and whips up some software to filter out this stuff before it even gets to their users. If they're big enough to be an attractive target for extortion, they're presumably big enough to have an IT staff competent to take care of those simple steps.

    1. Re:news? by Bert64 · · Score: 2, Interesting

      Users shouldn't need to worry about stupid shit like this.
      End users should be able to open data files (data, not executable files) without fear of being owned. Data files should not have the ability to contain code (with the exception perhaps of rudimentary macros which can only interact with the host program and are sandboxed, like Java applets or JavaScript).

      --
      http://spamdecoy.net - free throwaway anonymous email - avoid spam!
    2. Re:news? by Frightening · · Score: 2, Interesting
      Why can't we allow businesses to expand by making contacts with new, previously unknown people?

      Because that's called MySpace, and look where that got us. Think of the children.
      *raises troll mod shield*
  3. Re:It's part of Microsoft's plan by WindBourne · · Score: 2, Interesting

    Funny thing is, that in Windows the most secure is the stuff that has been around for a good long time and with all patches (while true of all, this seems to be the most true of MS). Every single new release MS says that this is the most secure item, when in reality it is not. All it really is, is a new version with new features that will always contain LOADS of major bugs across all the LOC.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  4. Another reason to have an open file format by Bert64 · · Score: 4, Interesting

    With an open file format such as OpenDocument, it would be much harder to hide malicious code and/or exploits in a document...

    You could easily parse the file at your gateway, and validate the xml content against the published schema (rejecting it if it fails), although this wouldn't be foolproof (an exploit could still exist within well formed xml, but is less likely) it would cut out a significant portion of vulnerabilities.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!
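
The gateway check described in the comment above, as an added example that is not part of the original thread: a structural pre-check of an OpenDocument package using only the Python standard library. It does not validate against the published RELAX NG schema (that needs a schema validator); the function names and the policy of rejecting macro storage directories are assumptions.

```python
import io
import zipfile
import xml.parsers.expat

NS = "urn:oasis:names:tc:opendocument:xmlns:"
EXPECTED_ROOTS = {"content.xml": NS + "office:1.0 document-content",
                  "META-INF/manifest.xml": NS + "manifest:1.0 manifest"}

def root_element(data):
    """Return 'namespace localname' of the root; refuse any DOCTYPE (no DTD/entities)."""
    seen = []
    def no_doctype(*_args):
        raise ValueError("DOCTYPE present")
    parser = xml.parsers.expat.ParserCreate(namespace_separator=" ")
    parser.StartDoctypeDeclHandler = no_doctype   # fires before entities are expanded
    parser.StartElementHandler = lambda name, attrs: seen.append(name)
    parser.Parse(data, True)                      # ExpatError if not well-formed
    return seen[0]

def check_odf(blob):
    """Return rejection reasons for an OpenDocument package; [] means it passed."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(blob))
    except zipfile.BadZipFile:
        return ["not a ZIP package"]
    reasons, names = [], zf.namelist()
    if names[:1] != ["mimetype"] or not zf.read("mimetype").startswith(
            b"application/vnd.oasis.opendocument."):
        reasons.append("missing or unexpected mimetype entry")
    # Policy assumption: packages carrying macro/script storage are rejected.
    reasons += ["macro/script storage: " + n for n in names
                if n.startswith(("Basic/", "Scripts/"))]
    for member, expected in EXPECTED_ROOTS.items():
        try:
            if root_element(zf.read(member)) != expected:
                reasons.append(member + ": unexpected root element")
        except (KeyError, ValueError, xml.parsers.expat.ExpatError) as exc:
            reasons.append(member + ": " + str(exc))
    return reasons

def build_sample(content, extra=()):
    """Constructed in-memory .ods package used as sample input."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("mimetype", "application/vnd.oasis.opendocument.spreadsheet")
        zf.writestr("META-INF/manifest.xml", '<m:manifest xmlns:m="%smanifest:1.0"/>' % NS)
        zf.writestr("content.xml", content)
        for name in extra:
            zf.writestr(name, "")
    return buf.getvalue()
```

A file that passes this check is only well-formed and free of the listed constructs; as the comment notes, a flaw in the consuming application can still be reached through valid XML.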
  5. Re:Presumably they could but... by mugnyte · · Score: 2, Interesting


      What raises my eyebrows is that hacks like this are a "one shot deal". You can't run an exploit for very long without it getting noticed, then patched. So the charge for these must be pretty high, given that it seems like work for hire.

      So the business background on this exploit is probably far juicier than the exploit itself. The path to contact, payment, motive, etc are probably a great story. I would certainly read that book.

      Of course, if writing such a book, I would take the XLS information and place it on the market itself, continuing the intrigue. Let's hope it's something dealing with a government, which then topples, affecting more change than someone getting rich. I mean, if writing, write big.

  6. Employ the hackers (fight fire with fire) by JakeChance · · Score: 2, Interesting

    Why doesn't anyone employ these hackers to attack spam companies? It would be using one destructive web force against an annoying one, after all, I'm sure they get spam too. The enemy of my enemy is my friend.