Iouri
October 17th, 2001, 09:38 AM
Patch Excel's malformed document vulnerability (98/2000/2001/2002)
Excel is once again a target for malicious coders looking for ways to compromise computer systems. A security hole has been uncovered in both Excel and PowerPoint that could potentially allow someone to create a file that bypasses the usual macro warning that appears when you open a document containing code.
Patches are available for Excel 2000 and 2002 on the PC and versions 98 and 2001 for the Mac.
What about Excel 97? Even though this version is affected, don't expect any help addressing the issue. Microsoft's official recommendation is to "upgrade to a supported version with a more robust macro security model," alluding to the ability for Excel 2000 and above to require signed macros.
It's true that Office 97 is no longer a supported product (when a new version comes out, Microsoft only supports that version and one prior).
To get the patch and read more information about the vulnerability, go to: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-050.asp
Iouri Boutchkine
iouri@hotsheet.com
Excel is once again a target for malicious coders looking for ways to compromise computer systems. A security hole has been uncovered in both Excel and PowerPoint that could potentially allow someone to create a file that bypasses the usual macro warning that appears when you open a document containing code.
Patches are available for Excel 2000 and 2002 on the PC and versions 98 and 2001 for the Mac.
What about Excel 97? Even though this version is affected, don't expect any help addressing the issue. Microsoft's official recommendation is to "upgrade to a supported version with a more robust macro security model," alluding to the ability for Excel 2000 and above to require signed macros.
It's true that Office 97 is no longer a supported product (when a new version comes out, Microsoft only supports that version and one prior).
To get the patch and read more information about the vulnerability, go to: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS01-050.asp
Iouri Boutchkine
iouri@hotsheet.com