Hackers create pages trapped and attract their victims through spam in disguise. Hackers have administrator rights on the infected PC and can then do what they want. Microsoft advises disabling Office Web Components until a patch is published at a yet unspecified date. Dave Marcus, director of security research at McAfee finds: "Despite the repairs today, Windows users are still attacked. When Microsoft made two steps forward, these attackers are the backward one." The attack exploiting the Excel Unspecified Remote Code Execution Vulnerability requires a computer user to open an attachment sent via e-mail that has a maliciously crafted Excel document. Opening the malicious spreadsheet triggers the
vulnerability. This causes the shellcode to execute and then drops two files on the system--the malicious binary mentioned earlier and another valid Excel document. The shell code then executes the dropped file and opens the valid Excel document to mask the fact that Excel has just crashed. This helps to decrease suspicion when the affected spreadsheet is opened."