Beware of Malicious Excel FilesBy Ryan Naraine | Posted 2008-03-11 Email Print
Re-Thinking HR: What Every CIO Needs to Know About Tomorrow's Workforce
Computer security experts warn that booby-trapped Excel documents are circulating with malicious executables.
According to an alert issued by the United States Computer Emergency Readiness Team, a malicious Trojan has been rigged into .xls files that are being distributed via e-mail.
"Known file names for these attachments are OLYMPIC.XLS and SCHEDULE.XLS. These files may also contain Windows binary executables that can compromise an affected system," according to the US-CERT warning.
Researchers at the SANS ISC (Internet Storm Center), a group that tracks malicious Internet activity, have confirmed the latest attacks, which are exploiting a known—and unpatched—vulnerability in Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000 and Microsoft Excel 2004 for Mac.
Read the full article at eWEEK.