Common Tasks

Recent Posts

Community

Email Notifications

Personal Links

Archives

Security Protection - Harry Waldron (CS)

Security Best Practices, Breaking News, & Updates

Microsoft Excel - New Targeted attacks

F-Secure is warning of new targeted attack campaigns using Excel with versions from 2002-2007 potentially vulnerable.  Please be careful in handling all unusual or unexpected attachments received by email.

Microsoft Excel - Be careful of new Targeted attacks
http://www.f-secure.com/weblog/archives/00001975.html

QUOTE: But here's a fresh set of attacks done with XLS files instead. This is some sort of personnel list. Like the other examples here, it drops and runs a backdoor when viewed. The exploit in these files targets Excel Pointer Offset Memory  Corruption Vulnerability CVE-2009-3129. As you can see, such attack files can look like perfectly normal and credible document files.

CVE-2009-3129 Information
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3129

QUOTE: Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset, aka "Excel Featheader Record Memory Corruption Vulnerability."

Posted: Jun 27 2010, 09:23 AM by Harry Waldron | with no comments