In order for this attack to be carried out, a user must first open a malicious Office file attached to an e-mail or otherwise provided to them by an attacker. While we are currently only aware of Excel as the current attack vector, all office documents are potential vectors.
As a best practice, users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources.
References:
- Microsoft Security Advisory 932553 – Vulnerability in Microsoft Office Could Allow Remote Code Execution
No comments:
Post a Comment