Friday, July 17, 2009

A security vulnerability in Office XP 2003 and 2007 already exploited by hackers

Microsoft had to recognize the existence of a security vulnerability in its Office suite on the day of the distribution of its monthly security patches. This vulnerability lies in the web components of Office that are triggered via Internet Explorer. It is embarrassing for Microsoft, communicate attacks have been on Office XP, 2003 and 2007 users via a security hole. This vulnerability lies in Office Web Components which can be used with Internet Explorer.

Hackers create pages trapped and attract their victims through spam in disguise. Hackers have administrator rights on the infected PC and can then do what they want. Microsoft advises disabling Office Web Components until a patch is published at a yet unspecified date. Dave Marcus, director of security research at McAfee finds: "Despite the repairs today, Windows users are still attacked. When Microsoft made two steps forward, these attackers are the backward one." The attack exploiting the Excel Unspecified Remote Code Execution Vulnerability requires a computer user to open an attachment sent via e-mail that has a maliciously crafted Excel document. Opening the malicious spreadsheet triggers the
vulnerability. This causes the shellcode to execute and then drops two files on the system--the malicious binary mentioned earlier and another valid Excel document. The shell code then executes the dropped file and opens the valid Excel document to mask the fact that Excel has just crashed. This helps to decrease suspicion when the affected spreadsheet is opened."

No comments: