Microsoft Excel 0day Vulnerability FAQ

Q: What is Excel 0-day vulnerability?
A: This previously unknown vulnerability is caused by an unknown error when processing malformed Excel documents. The detailed characteristics or component being exploited is not publicly known. Vulnerability was disclosed via malware descriptions informing new trojan exploiting undocumented vulnerability in Excel. This flaw has been used in attacks against unknown organization. Microsoft tells about one report of their customer.

Q: How does the vulnerability work?
A: The vulnerability is code execution type vulnerability. Attacker successfully exploiting this vulnerability can run code of his or hers choice in the affected machine. Executing arbitrary code is done with the recent privileges of logged user. SecuriTeam Blogs Microsoft Excel 0-day Vulnerability FAQ

Linked by shanmuga Sunday, 18th June 2006 7:55AM