Another New Security Vulnerability Discovered in Microsoft Excel
The French Security Incident Response Team has identified a new security vulnerability in Microsoft Excel, which was disclosed yesterday (July 6).
This security research unit stated that hackers could exploit this vulnerability to take control of users’ systems.
The vulnerability arises from a buffer overflow that occurs when the application processes or repairs a file with excessively long content. Attackers can exploit this security flaw to execute binary commands by tricking users into opening and editing a specially crafted Excel file.
The French Security Incident Response Team reported that versions of Excel 2000, 2002, and 2003, as well as the Office 2000, 2002, and 2003 suites, are all affected by this security issue.
A Microsoft spokesperson stated that the company is currently reviewing the reports from the French Security Incident Response Team and confirmed that there have been no attacks exploiting this vulnerability to date.
“To carry out an attack using this vulnerability, the attacker must first trick the user into opening a malicious Excel file sent via email or through any other means,” the Microsoft spokesperson said. “We advise users to exercise caution whenever opening attachments in emails.”
According to Microsoft, this newly discovered vulnerability also affects Excel versions in Japanese, Korean, and Chinese.
This marks the third security vulnerability in Excel identified in the past month. On June 16, a vulnerability was discovered that had already been exploited in attacks. Two weeks later, another security flaw was revealed.
Hoàng Dũng
