Intrusion Prevention



This indicates an attack attempt against a remote code-execution vulnerability in Microsoft Office Excel.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted .XLS file. It allows a remote attacker to execute arbitrary code.

Affected Products

Microsoft Excel 2002 Service Pack 3
Microsoft Excel 2003 Service Pack 3
Microsoft Excel 2007 Service Pack 2
Microsoft Excel 2010 (32-bit editions)
Microsoft Excel (64-bit editions)
Microsoft Office for Mac
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
Other Microsoft Office Software
Microsoft Excel Viewer Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the vendor's web site:

CVE References