
Secplicity - Security Simplified

Powered by WatchGuard Technologies

Malicious Excel Documents Contain Unwelcome Surprises

March 9, 2010 By The Editor

Summary:

  • These vulnerabilities affect: All current versions of Excel shipping with Microsoft Office, and ancillary Office products (like Excel Viewer)
  • How an attacker exploits them: By enticing you to open maliciously crafted Excel documents
  • Impact: An attacker can execute code, potentially gaining complete control of your computer
  • What to do: Install the appropriate Excel patch immediately, or let Microsoft’s Automatic Update do it for you.

Exposure:

Today, Microsoft released a security bulletin describing seven vulnerabilities found in Excel, a component that ships with Microsoft Office. The vulnerabilities affect all current versions of Office for Mac and PC, as well as ancillary Office components, such as Excel Viewer and Office compatibility packs. They even affect Microsoft SharePoint Server.

Though the seven vulnerabilities differ technically, they share the same basic scope and impact. By enticing one of your users into downloading and opening a maliciously crafted Excel document, an attacker can exploit any of these vulnerabilities to execute code on a victim’s computer, inheriting that user’s level of privileges and permissions. If your user has local administrative privileges, the attacker gains full control of the user’s machine.

Although this type of attack requires some user interaction (which is why Microsoft only rates it as Important), we suspect that your users interact with Office documents quite regularly. An attacker could probably convince many users to open a malicious Excel document with little effort, so we recommend you apply this Excel update immediately.

Solution Path

Microsoft has released an Excel update to correct these vulnerabilities. You should download, test, and deploy the appropriate patch throughout your network immediately, or let the Microsoft Automatic Update feature do it for you.

MS10-017:

Excel update for:

  • Office XP w/SP3
  • Office 2003 w/SP3
  • 2007 Microsoft Office System w/SP1
  • Office Excel Viewer
  • Office 2004 for Mac
  • Office 2008 for Mac
  • Open XML File Format Converter for Mac
  • Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
  • Microsoft Office SharePoint Server 2007
  • Microsoft Office SharePoint Server 2007 64-bit Edition

For All WatchGuard Users:

While you can configure certain WatchGuard Firebox models to block Microsoft Excel documents, some organizations need to allow them in order to conduct business. Therefore, the patches above are your best recourse.

If you want to block Excel documents, follow the links below for video instructions on using your Firebox proxy’s content blocking features to block files by the .xls file extension. Keep in mind that blocking files by extension blocks both malicious and legitimate documents.

  • Firebox X Edge running 10.x
    • How do I block files with the FTP proxy?
    • How do I block files with the HTTP proxy?
    • How do I block files with the POP3 proxy?
    • How do I block files with the SMTP proxy?
  • Firebox X Core and X Peak running Fireware 10.x or Fireware XTM
    • How do I block files with the FTP proxy?
    • How do I block files with the HTTP proxy?
    • How do I block files with the POP3 proxy?
    • How do I block files with the SMTP proxy?
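
Because an extension rule drops legitimate workbooks along with malicious ones, it helps to measure what the rule would catch before enabling it. The sketch below is an added example, not WatchGuard code or Firebox configuration: it lists which attachments in a message a .xls rule would block and whether each one actually carries the OLE2 container signature used by legacy .xls workbooks. The function names and the sample message are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# First eight bytes of every OLE2 compound file, the container of legacy .xls workbooks.
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")
BLOCKED_EXTENSIONS = (".xls",)  # the extension the article suggests blocking


def classify_attachments(raw_message: bytes):
    """Return (filename, extension_rule_hit, is_ole2_content) per attachment."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    results = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        ext_hit = name.lower().endswith(BLOCKED_EXTENSIONS)  # case-insensitive match
        results.append((name, ext_hit, payload.startswith(OLE2_MAGIC)))
    return results


def blocked_by_extension(raw_message: bytes):
    """Filenames an extension-only rule would drop from this message."""
    return [name for name, ext_hit, _ in classify_attachments(raw_message) if ext_hit]


def build_sample() -> bytes:
    """Constructed test message: one OLE2 workbook, one CSV named .xls, one text file."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Quarterly numbers"
    msg.set_content("Reports attached.")
    msg.add_attachment(OLE2_MAGIC + b"\x00" * 64, maintype="application",
                       subtype="vnd.ms-excel", filename="Q1-report.XLS")
    msg.add_attachment("a,b\n1,2\n", subtype="csv", filename="export.xls")
    msg.add_attachment("meeting notes\n", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    for name, ext_hit, is_ole2 in classify_attachments(build_sample()):
        print(f"{name:15} extension rule: {ext_hit!s:5}  OLE2 content: {is_ole2}")
```

Running it over a sample of real mail shows how many business documents the block would interrupt, which is the trade-off to weigh against relying on the patch alone.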

Status:

Microsoft has released an Excel update to fix these vulnerabilities.

References:

  • MS Security Bulletin MS10-017


Filed Under: Security Bytes Tagged With: excel
