Microsoft Security Advisory (968272)
A Zero-Day exploit is one that there are no patches for and is currently public and being used to attack computers. This one effects at this time Microsoft Excel 2008 for Mac, Microsoft Excel 2007 SP1, Microsoft Excel 2007, Microsoft Excel 2007, Microsoft Excel 2004 for Mac, Microsoft Excel 2003 SP3, Microsoft Excel 2003 SP2, Microsoft Excel 2003 SP1.
The program can be exploited when the user opens a specially crafted Excel document. The exploit then leaves a Trojan on the computer, defined by Symantec as Trojan.Mdropper.AC
So what should you do?
Be on the lookout for Emails that contain Zip files or anything else holding a Excel Spreadsheet. If you receive an email from someone you know, and it contains an Excel Spreadsheet verify with them that they sent it before opening it. If you receive an email from someone you don’t know, DO NOT OPEN IT. You should not be opening any attachments anyway, but be extra careful till a patch for this is released.
Do not open Excel documents from Websites, any Period. Till this is patched. Hackers will use tricks to place these Excel documents in places where people may be tempted to open them.
It will only be a matter of time, before this is being pushed out by Spammers to gain more Bots/Zombies for their Botnets.
