Microsoft Excel Drawing Shape Hyperlink Macro Execution Vulnerability

Microsoft Excel Drawing Shape Hyperlink Macro Execution Vulnerability

A vulnerability has been reported in some versions of Microsoft Excel for Windows. It may be possible to execute macro code despite restrictions imposed by the Macro Security Model.

When an Excel workbook is opened through a hyperlinked Drawing Shape object included in a currently open Excel workbook, the Macro Security Model may be bypassed. It is possible to automatically execute arbitrary macro code contained in the newly opened workbook.