Microsoft Excel XML Vulnerability

Under normal circumstances, Microsoft Excel produces a warning dialogue when a user attempts to open a macro file that resides outside of the spreadsheet that is currently in use. The dialog box will not appear if the user opens a macro file consisting of Excel 4.0 Macro Language (XML) in an external text file. Even if a user were to have chosen the option of 'High Security' in Excel, they would still be affected by this vulnerability. It is not possible to exploit this vulnerability in such a way that it would self launch.


Privacy Statement
Copyright 2010, SecurityFocus