Rigged Excel documents making the rounds
Security experts have warned that malicious Microsoft Excel documents are making
the rounds via email, exploiting an unpatched Excel vulnerability that has been
known publicly since January.
The attacks come as Microsoft
prepares to release several critical patches affecting every supported version
of Office. The patches are believed to include a fix for the Excel bug.
Security organization US-CERT issued a warning this week on a Trojan exploiting
the Excel bug.
"This Trojan is circulating through email messages that contain attached
Excel files," US-CERT said in an advisory. "Known file names for these
attachments are OLYMPIC.XLS and SCHEDULE.XLS. These files may also contain Windows
binary executables that can compromise an affected system."
Maarten Van Horenbeeck, handler with the SANS Institute's Internet Storm Center
(ISC), confirmed the attacks and said SANS had been tracking several exploits
over the last few days.
"It should be noted that the incidents we are aware of have been limited
to a very specific targeted attack and were not widespread," Horenbeeck
said in an advisory. "In total, we established approximately 21 reports
of attacks using only 8 different files, from within the same two communities,
so far."
Some of the sample Trojans connect back to a server to retrieve the IP address
of the control server, Horenbeeck said.
Microsoft first acknowledged the unpatched bug in January, in Security Advisory
947563.
The bug affects Excel 2003 Service Pack 2, Excel Viewer 2003, Excel 2002, Excel
2000, and Excel 2004 for Mac, Microsoft said. Successful attacks give the attacker
the same rights as the local user.
This week Microsoft plans to ship four "critical" security fixes.
The number of security bulletins Microsoft plans to issue is substantially below
last month's 11 but the Office-only nature of the updates is unusual.
Of the planned patches, one appears to be for an Excel file format flaw and
a second also relates to the spreadsheet application, while the third deals
with a bug in Office Web Components -- controls that let users publish spreadsheets,
charts and databases to the web, then view that content once it's published.
» posted by abennett
Techworld.com
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
