Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security US-CERT-Alerts
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

US-CERT Cyber Security Alert SA06-167A -- Microsoft Excel Vulnerability

from [US-CERT Alerts] Network Security [Permanent Link]
Subject: US-CERT Cyber Security Alert SA06-167A -- Microsoft Excel Vulnerability
Date: Fri, 16 Jun 2006 21:07:51 -0400 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                     National Cyber Alert System

                   Cyber Security Alert SA06-167A


Microsoft Excel Vulnerability

   Original release date: June 16, 2006
   Last revised: --
   Source: US-CERT


Systems Affected

     * Microsoft Excel 2003
     * Microsoft Excel XP (2002)
     * Microsoft Excel for Mac

   Microsoft Excel is included in Microsoft Office. Other versions of
   Excel and other Office programs may also be affected.


Overview

     A vulnerability in Microsoft Excel could allow an attacker to
     gain control of your computer.


Solution

Do not open untrusted Excel documents

     At the time of writing, an update is not available. Do not open
     unfamiliar or unexpected Excel or other Office documents,
     including those received as email attachments or hosted on a web
     site. Please see US-CERT Cyber Security Tip ST04-010 for more
     information.


Description

     An attacker could exploit a vulnerability in Microsoft Excel by
     convincing a user to open a specially crafted Excel document. The
     Excel document could be included as an email attachment or hosted
     on a web site. It may also be possible to exploit the
     vulnerability using Excel documents embedded in other Office
     documents.

     For more technical information, see US-CERT Technical Alert
     TA06-167A.


References

     * US-CERT Technical Alert TA06-167A -
       <http://www.us-cert.gov/cas/techalerts/TA06-167A.html>

     * Vulnerability Note VU#802324 -
       <http://www.kb.cert.org/vuls/id/802324>

     * Cyber Security Tip ST04-010 -
       <http://www.us-cert.gov/cas/tips/ST04-010.html>

     * Microsoft Security Essentials -
       <http://www.microsoft.com/protect/>


 ____________________________________________________________________

   The most recent version of this document can be found at:

     <http://www.us-cert.gov/cas/alerts/SA06-167A.html>
 ____________________________________________________________________

   Feedback can be directed to US-CERT. Please send email to
   <cert@cert.org> with "SA06-167A Feedback VU#802324" in the subject.
 ____________________________________________________________________

   Mailing list information:

     <http://www.us-cert.gov/cas/>
 ____________________________________________________________________

   Produced 2006 by US-CERT, a government organization.

   Terms of use:

     <http://www.us-cert.gov/legal.html>
 ____________________________________________________________________


Revision History

   June 16, 2006: Initial release

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBRJNUrX0pj593lg50AQIAPgf/SXzcTDvGEWtQIroiEsiJxqnDVCCZAwLA
NCgpqxQpZiqgt2e2JLjQ63ha6SeXCI9kTUhqfMMbXaHpOvfeoVe/kyBgjoAoHR+Z
E/6ek0jIuF7k6tcuek/8BjnuOa9OgNFSDSGKjOeMoDzyaIeYNW5di/ccPhZPhCAF
1kkBXBmhNMy6fFma2d4DbuSCNQ6q+NvusCiXfBMLSlek1wUjBuI+9cEqrbk4Ft7d
olknWzo7voU8Vf4gQffOnMLQkZxSG/yGa4V8QprtBDOA99N2X0Dm0LEyuSDjwidk
OsL0uYeaC2qlHKHOyrTrSLAi9OugmVg9P/Swn7lDCwxCHZQs9FY33A==
=3BBe
-----END PGP SIGNATURE-----
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • US-CERT Cyber Security Alert SA06-167A -- Microsoft Excel Vulnerability, US-CERT Alerts <=
Previous by Date:  US-CERT Cyber Security Alert SA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, and PowerPoint Vulnerabilities, US-CERT Alerts
Next by Date:  US-CERT Cyber Security Alert SA06-192A -- Microsoft Windows, Office, and IIS Vulnerabilities, US-CERT Alerts
Previous by Thread:  US-CERT Cyber Security Alert SA06-164A -- Microsoft Windows, Internet Explorer, Media Player, Word, and PowerPoint Vulnerabilities, US-CERT Alerts
Next by Thread:  US-CERT Cyber Security Alert SA06-192A -- Microsoft Windows, Office, and IIS Vulnerabilities, US-CERT Alerts
Indexes:  [Date] [Thread] [Top] [All Lists]