Microsoft advises how to limit Excel vulnerabilities

Microsoft offers a few "tips" for users not to be "bogged down" in a serious Excel vulnerability but without revealing when the official patch is available.

Contrary to the predictions of security, Microsoft has not released an emergency patch for the vulnerability - which is considered extremely serious. However, the software giant asserted "actively building an update".

In the meantime, Microsoft offers a few tips and tricks for users to minimize the risk.

Source: CNET The first reports of Excel vulnerabilities began to appear from the end of last week, when Microsoft said hackers had launched an attack to bypass the vulnerability. An attacker could take advantage of the vulnerability to run unauthorized software on a Windows computer, but for this to happen, he first needs to trick users into visiting a website or opening an infected attachment. poisoned.

Vulnerabilities exist in many different versions of Excel, including Excel 2000, Excel 2002 and Excel 2003.

Windows users can temporarily lock this vulnerability by changing the registration settings or setting up the gateway for the e-mail box, blocking the attached Excel file. In addition, users can remove the risk simply by not opening any unknown Excel documents.

Microsoft is currently testing the patch for this vulnerability, but its spokesperson is not sure if the patch will be available with the July security bulletin.

Misfortunes never come alone

This week is indeed a busy week for Microsoft. The Excel vulnerability was discovered just days after the June security bulletin was released (patching up to 21 bugs in Windows products).

On Monday, the company struggled to investigate an attack, shutting down Microsoft's website in French.

Yesterday, PC Mag announced that it had discovered another extremely critical vulnerability in Excel. This vulnerability can also be exploited if the user is tricked into clicking a link within an Excel document.

Microsoft has not recorded any cases that drill into the flaw, but the attack code has been published on the Milw0rm site earlier this morning.

Secunia said that the vulnerability affects Microsoft Office 2000, Excel Viewer 2003, Excel 2003, Excel 2002, Excel 2000, Microsoft Office 2003 Professional Edition, Microsoft Office 2003 and Microsoft Office XP.

Thien Y