We fill you in on the latest Excel exploit and what you can do to protect yourself.
TWO EXCEL PATCHES OUTSTANDING
The last ‘zero day’ security breach in Excel hasn’t yet been patched (see our special issue of Office Watch) and now there’s another Excel-related problem.
So now we have two unpatched Microsoft Office-related security breaches on the books.
In this issue we’ll fill you in on the latest problem and what you can do to protect yourself.
ANOTHER EXCEL PROBLEM – SORT OF
The latest Excel ‘breach’ is a ‘proof of concept’ only at this stage – meaning that the exploit has been demonstrated but no-one has yet used it to infect computers. Microsoft is stressing that point, but as other people have noted, the exploit is easy to copy and so it’s only a matter of time before someone uses it.
In short, the latest problem can occur in hyperlinks contained in an Excel document – a specially created link can, when clicked, cause another program to run (e.g. a virus or other nasty).
There are variations on the basic exploit: various ways of getting the unwary to open an Excel spreadsheet and activate the exploit.
While Excel is the place where the link appears, it seems the problem is really in a core part of the Windows operating system, not Excel. Whatever the problem is, Microsoft is adding it to the list of unpatched security holes.
You’d have to hope that, with the various publicly known methods of using this security breach, Microsoft will move quickly to plug the breach and not wait for the usual monthly bulk release.
WHAT TO DO?
All you can do is apply the usual cautions: be wary of links in Excel documents, and of Excel documents generally, until further notice. That’s standard really, since you should be careful about files from unknown sources (let alone links in files).
It’s good advice from Microsoft but it overlooks the fact that emails can be spoofed, with the ‘From’ address faked to seem like it’s from someone you know.
What do they say these days? ‘Be alert but not alarmed’ – there’s no reason to panic, just keep the currently low possibility in mind.
While Microsoft’s actions are not known at the time of publication, you can bet that the major anti-virus companies are working on updates to detect possibly suspect documents. As always, make sure that your anti-virus software is up to date.