Microsoft Warns of a New Excel Vulnerability
This past Tuesday Microsoft informed that there is a flaw that affects Excel for both Mac and Windows systems, that allows a hacker to booby-trap an Excel file.
The vulnerability is within the Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000 and the Mac version, Microsoft Excel 2004.
People who have installed Office Service Pack 3, which includes updates for Excel as well as other products in Office are not affected. Also not affected are Microsoft Office Excel 2007, Microsoft Office Excel 2007 Service Pack 1 and Microsoft Excel 2008 for the Mac.
Microsoft has not decided whether to issue a fix as part of a monthly patch update yet; if this vulnerability is not being overly exploited, it's probable they will wait until February to correct it.