Microsoft is warning of a new – and serious – security flaw in their Excel spreadsheet program. It is a potentially huge problem since business users are so used to opening spreadsheets. It can be easily fixed by applying the security patches Microsoft has put in place – but you will need to get those patches ASAP. This hits the Windows and Mac versions of Excel, folks.
The problem in Excel allows a hacker to create a malicious Excel document that when opened can compromise a computer, Microsoft said in an advisory. The vulnerability could allow remote code to be executed on a computer, which means a user risks having their personal data exposed.
Microsoft downplayed the risk, saying only targeted attacks have been seen. But since Microsoft Excel documents are commonly used for business, vulnerabilities such as this pose a greater risk.
"Users are familiar with the document being sent to them and are likely to open it," wrote security analyst Maarten Van Horenbeeck, in a commentary on the Web site for the SANS Internet Storm Center, which monitors Internet threats.
The vulnerability is within the Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000 and the Mac version, Microsoft Excel 2004.
Those who have installed Office Service Pack 3, which includes updates for Excel as well as other products in the office productivity suite, are not affected, Microsoft said. That service pack was released last September.
Do yourself and the rest of us a favor. If you have not installed Service Pack 3 yet, please do so at once. This is also a good time to remind folks that the December Microsoft Windows updates are out – and they are important.
Gaius,
Um, I think you mean the January updates are out.
You’re correct. Must be that darn time warp thingee again.