Zero-Day Excel Exploit In the Wild

← Back to Stories (view on slashdot.org)

Zero-Day Excel Exploit In the Wild

Posted by kdawson on Tuesday February 24, 2009 @08:13AM from the be-careful-out-there dept.

snydeq writes "Microsoft Excel has a zero-day vulnerability that attackers are exploiting on the Internet, according to security vendor Symantec. The problem affects Excel 2007 both without and with Service Pack 1, according to an advisory on SecurityFocus, and other versions going back to Excel 2000. The program's vulnerability can be exploited if a user opens a maliciously crafted Excel file, allowing a hacker to leave a Trojan horse on the infected system."

10 of 117 comments (clear)

Min score:

Reason:

Sort:

An Exploit by Anonymous Coward · 2009-02-24 08:16 · Score: 2, Funny

An exploit? In my Microsoft product?
SAY IT AIN'T SO!!!
Random E-mails by 0prime · 2009-02-24 08:20 · Score: 5, Funny

Well, let me just open this excel file detailing the financial agreement I will be making with Mr. Ugubu. Surely there is nothing wrong with opening attachments from untrusted sources.

--
I am not a *blank*, but I did stay at a Holiday Inn Express last night.
1. Re:Random E-mails by the_humeister · 2009-02-24 08:32 · Score: 4, Funny
  
  What do you mean "untrusted." He just sent me an email detailing how he is the caretaker of the Nigerian's former king's fortune. It sounds official too.
2. Re:Random E-mails by gEvil+(beta) · 2009-02-24 08:42 · Score: 3, Funny
  
  What do you mean "untrusted." He just sent me an email detailing how he is the caretaker of the Nigerian's former king's fortune. It sounds official too.
  
  No kidding. I got an email a few weeks ago from Kofi Annan that talked about how he and some "big wigs at the UN" (his words, not mine) were looking for ways to split up some money, and he was wondering if I would be interested in receiving a share. I've heard of Kofi Annan and know that he was associated with the UN at one point, so it doesn't get any more official sounding than that.
  
  --
  This guy's the limit!
3. Re:Random E-mails by Anonymous Coward · 2009-02-24 17:44 · Score: 1, Funny
  
  In Soviet Russia For Infos You!!!
Re:zero day? by orzetto · 2009-02-24 08:47 · Score: 4, Funny

I think it is the count of how much time Microsoft has been working on the bug.

--
Victims of 9/11: <3000. Traffic in the US: >30,000/y
Another reason I can't use OpenOffice ..... by whoever57 · 2009-02-24 08:51 · Score: 5, Funny

With yet another incompatibility between OpenOffice and Excel, I really can't use OpenOffice.

--
The real "Libtards" are the Libertarians!
Next up: Zero-day Notepad exploit found by kkrajewski · 2009-02-24 09:15 · Score: 5, Funny

Reading plaintext unsafe. News at eleven.
Re:zero day? by wastedlife · 2009-02-24 09:45 · Score: 2, Funny

The fact that this was modded informative is one of the funniest things I've seen all day.

--
Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"
Coincidence? by chill · 2009-02-24 11:20 · Score: 5, Funny

Once, long ago, Excel had a full flight simulator hidden in the code. Then Microsoft created the Flight Simulator team and it was one of their landmark "games".
Fast forward many years. Microsoft closed down Flight Simulator and a few days later there is a "several year old zero-day" exploit in, of all places, Excel.
Coincidence? I THINK NOT! Paybacks are a bitch, aren't they Mr. Ballmer?

--
Learning HOW to think is more important than learning WHAT to think.