New Excel exploit using an undocumented vulnerability....
An incident has been reported in an incidents mailing list and on a couple of MS security blogs warning that there has been one report of a previously undocumented vulnerability in Excel being used in a hostile attack. This means that you do *NOT* need to panic and switch to OpenOffice because the sky is falling.
This incident is what you could call a "zero day" exploit - that is, an exploit that is used by bad guys *before* being discovered by good guys, instead of being discovered by good guys and *then* being used by the bad guys.
The exploit worked because somebody opened an attachment received via email. Going on the assumption that the attack was targeted, it is possible that the email content was written in such a way as to make it extremely difficult, if not impossible, to spot that it was not legitimate.
If you are not *expecting* an attachment, do not open it. Phone the sender and ask them if they sent it. Reply to the email and ask them if they sent it.
Its a pain, but I think that as a community we are simply going to have to put into place new protocols to verify the legitimacy of emails that we receive.
Limited information about the exploit incident and Excel vulnerability is below:
Reports of a new vulnerability in Microsoft Excel http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx
Microsoft Excel Unspecified Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/18422
Trojan.Mdropper.J
http://securityresponse.symantec.com/avcenter/venc/data/trojan.mdropper.j.html
Downloader.Booli.A
http://securityresponse.symantec.com/avcenter/venc/data/downloader.booli.a.html