New Excel zero-day flaw used in attacks

Discussion in 'other security issues & news' started by ronjor, Jun 16, 2006.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,072
    Location:
    Texas
    Story
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    It's a spam-email and it's an email-attachment that needs to be opened. Not a very smart threat.
    Only 'dangerous' for people, who can't control their curiosity.
     
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    From the Microsoft Excel 0-day Vulnerability FAQ
    http://blogs.securiteam.com/?p=451

    Sounds ominous, but nothing much new here really: installing of malware via remote code execution, albeit in a new guise.

    Security-minded people should already be protected from the installation of trojans/droppers by remote code execution:

    There are just too many effective ways of preventing this for anyone to be hit by it.



    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.