Excel is the latest target

A few days after Microsoft released a sizeable number of its bug fixes in June, another critical vulnerability was discovered again. This time, Excel is the target.

Microsoft released bug fixes for Windows and other products last Tuesday. These patches a total of 21 vulnerabilities. Nineteen of the vulnerabilities pose a serious threat to systems that do not include updates and can result in taking control of them. However, shortly after the bug fixes were released, another critical vulnerability was discovered that could cause serious problems when using Excel this time.

Mike Reavy, a Microsoft Security Response Center employee, said the report of the Excel bug came from one of their clients. The problem was immediately investigated, and it was revealed that the vulnerability could be exploited through specially edited Excel files that could even be forwarded as e-mail attachments. If the user opens such an Excel file, malicious codes can run on his computer.

The vulnerability was also examined by the security company Secunia, and it was classified as one of the most dangerous security flaws. The vulnerability, which earned the "particularly critical" danger classification, can cause serious damage and endanger computers on a wide scale. The security gap can also be detected in Excel 2000 and Excel 2003.

The risk of the error is further exacerbated by the fact that the first Trojan has been released to exploit the vulnerability in Excel. According to the SANS Internet Storm Center, the Mdropper.J Trojan infects computers by exploiting a recently discovered security flaw.

It is not yet known when Microsoft will be ready with the error correction and when it will be released. In principle, it can only become available on the second Tuesday of next month, but in view of the severity of the vulnerability, the necessary update may be made available for download "out of line". Mike Reavy asked that everyone handle documents from untrusted sources with care.