Internet Security Systems - AlertCon(TM)

Excel exploit (MS08-014) in the wild

Posted by Robert Freeman on March 25, 2008 at 5:24 PM EDT.

Our web exploit crawler has found that an unnamed web exploit toolkit is incorporating an exploit for a recently patched Microsoft Excel vulnerability. This is interesting in that this may be the first time a toolkit has included exploitation for Microsoft Office. We've found multiple websites that link to the exploit host for this toolkit and its plausible that other toolkits will include MS08-014 exploitation in the future.

Microsoft Excel Remote Code Execution Vulnerability

Comments or opinions expressed on this Weblog are the opinions of the authors alone. They are not necessarily reviewed in advance by anyone but the individual authors, and neither IBM Internet Security Systems nor any other party necessarily agrees with them. The views expressed by outside contributors and links to outside websites do not represent the views of IBM Internet Security Systems, its management or employees. All content on this Weblog has been made available on an “as-is” basis, and IBM Internet Security Systems shall not be liable for any direct or indirect damages arising out of use of this Weblog.