More unpatched Excel flaws – warning from Microsoft

Just 24 hours after Microsoft released a fix for eight Excel flaws it was discovered that two more serious flaws remained unpatched including one rated by Secunia [1] as "highly critical." This is a serious omission, as the flaws are well documented and with demonstration code readily available. According to Secunia, "The vulnerability is caused due to a boundary error when handling overly long styles. This can be exploited to cause a buffer overflow by tricking a user into opening a specially crafted spreadsheet." The flaw affects virtually all versions of Excel, including fully patched copies from Excel 2000 onwards. In recognition of the serious nature of the problem Microsoft had recommended that all users take particular care not to open spreadsheets from untrusted sources.


This article is part of our premium content. Join Now.

Already a paid subscriber? Click here to login.

= Paid content

All Windows Secrets articles posted on 2006-07-20: