Last week a 0-day exploit was discovered that affects Microsoft Excel. The vulnerability could allow the execution of arbitrary code on an affected computer.
The term "0-day" refers to the fact that there is currently no patch available to correct the vulnerability. However, Microsoft published a security advisory that offers workarounds to help prevent successful exploitation.
Microsoft said that the problem affects Excel 2003, and Excel Viewer 2003, Excel 2002, Excel 2000, Excel 2004 for Mac, and Excel X for Mac. The vulnerability can be exploited when Excel enters repair mode, which is typically used to repair corrupt files.
Microsoft's workarounds offer detailed instructions on how to prevent Excel from entering repair mode. Other workaround suggestions include blocking all Excel documents from entering the network and blocking Outlook's capability to open Excel file attachments.
Anti-malware vendors moved quickly to develop detection and removal capabilities to guard against exploits. According to Symantec, the current exploit drops a Trojan (Trojan.Mdropper.J) onto the system. The Trojan installs Downloader.Booli.A, which is used to download other malware from remote Internet sites.
The full text Microsoft Security Advisory (921365) is available at the company's Technet Web site.