1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Excel OBJ Record BO

Web Attack: Excel OBJ Record BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detection a vulnerability in Microsoft Excel which may result in remote code execution.

Additional Information

Microsoft Excel is a spreadsheet application that is part of the Microsoft Office suite.

Excel is prone to a remote code-execution vulnerability when parsing malformed 'FORMAT' records in Excel files. Stack-based buffer overflow in Microsoft Office Excel allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record.

Attackers may exploit this issue by enticing victims into opening a malicious Excel file.

Successful exploits may allow attackers to execute arbitrary code with the privileges of the user running the application.

Affected

  • Microsoft Excel

Response

The vendor has released an advisory and updates. Please see the references for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube