Hackers start exploiting new Excel errors

On the Security Response Center page, Microsoft warns hackers can distribute an malicious Excel document via e-mail or any file sending service to exploit errors in popular spreadsheet programs and system attacks. user.

The Redmond, Washington-based company admits that at least one customer has been troubled with a new vulnerability. " Hacker only succeeds when someone opens a dangerous file. Therefore, people need to be cautious about any attachments, whether from familiar or unfamiliar, " a Microsoft representative warned.

According to US security firm Symantec, the Trojan named Mdropper.J and the Booli.A program have the ability to automatically download more malicious files to the infected computer after the user clicks okN.xls.

The new issue affects every version of the spreadsheet, including Excel 2003 and Excel 2000, and an attacker can gain control of the entire system.

This problem occurred only days after Microsoft released 12 newsletters to patch 21 vulnerabilities in product lines, including Office office application packages. " Recently, Microsoft rarely fixes bugs ahead of time. Trojans appear immediately after the June security newsletter of the software group, showing that hackers will have a whole month to run, " said Scott Carpenter, expert of Secure Elements (US) security company, said.

Microsoft has also solved a problem with the Word word processor in the June 14 newsletter. The flaw was exploited by hackers many weeks ago but Microsoft still decided to patch it according to the predetermined plan. They just remind customers to be careful when opening Word files and run the program in safe mode (Safe Mode).

TN