Lucene search

K
threatpostDennis FisherTHREATPOST:1D743B7D5397A9D33A091396D1D95BDB
HistoryJul 13, 2009 - 6:53 p.m.

New Flaw in Microsoft Office Web Components Under Attack

2009-07-1318:53:30
Dennis Fisher
threatpost.com
90

EPSS

0.974

Percentile

99.9%

From SearchSecurity (Robert Westervelt)

Microsoft issued an advisory Monday, warning of a new vulnerability in Office Web Components being actively targeted by attackers. The Office Web Components allow users to view spreadsheets, charts and databases on the Web. Microsoft said the vulnerability is in the Spreadsheet ActiveX Control, which is used by Internet Explorer (IE) to display the data in the browser. It is remotely exploitable when a person browses with IE and visits a malicious website. If successfully exploited, an attacker could gain the same user rights as the local user and gain complete control of a system, Microsoft said. Read the full story [SearchSecurity].