Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows platforms.
A buffer overflow in Excel when processing long URL strings allows command execution when a user clicks on a specially crafted link within a spreadsheet.
Do not open Excel files from untrusted sources.
Exploit works on Microsoft Excel 2002. In order for exploitation to occur, a user must download and open the exploit file and click on the Click Here link. Note that on Windows XP, a pop-up window comes up after the click, and the user must click on either button to trigger the exploit.