Level 10 Security Alert: Microsoft Excel Zero-day Vulnerability

Share Article

Leading security and compliance expert from Secure Elements available to comment on threat.

Past News Releases


Microsoft posted a warning today that there has been an exploit published for a previously unknown flaw in Excel. This vulnerability is exploited by opening a malicious Excel document. The vulnerability is currently being exploited by Trojan.Mdropper.J which drops Downloader.Booli.A on the affected system.

"On the heels of one of the largest patch Tuesday’s this year, another zero day vulnerability has been reported to the security community," said Scott Carpenter, Director of the Security Labs at Secure Elements.

"There is a flaw in Microsoft Excel that has allowed virus creators to create a specially crafted Excel document, that, when opened by a user, causes a users PC to download and install a Trojan horse which essentially allows an attacker to take over the PC. This type of targeted attack that requires some form of user interaction similar to a current upward trend in similarly styled attacks. I am sure it is not by accident that this virus was timed to be deployed immediately after Microsoft patch Tuesday. In recent similar attacks, Microsoft has not issued an out of cycle patch. The exploit's immediate release after patch Tuesday is evidently designed to take advantage of a full month before Microsoft is scheduled to patch it."

Security engineers from Secure Elements, the leader in enterprise vulnerability management and compliance risk reduction solutions, have classified the severity of this vulnerability as “10,” meaning this vulnerability is locally and remotely exploitable, with no available patches or workarounds. The Security Lab engineers are not aware of any patches released by the vendor.

It is advised to use caution when opening Microsoft Word documents that are sent as attachments via email or otherwise received from an un-verified and trusted source. It is also highly recommended that antivirus software with up to date virus definitions is present on all systems with email capability.

Systems Impacted:

o    Microsoft Windows Excel 2000

o    Microsoft Windows Excel 2002

o    Microsoft Windows Excel 2003

o    Microsoft Office 2000

o    Microsoft Office XP

o    Microsoft Office 2003


o    http://rm.secure-elements.com/rss/docs/20060616_alert1.html
o    http://blogs.technet.com/msrc/archive/2006/06/16/436174.aspx
o    http://www.securityfocus.com/bid/18422
o    http://isc.sans.org/diary.php?storyid=1420&rss

Scott Carpenter, Director of the Security Labs at Secure Elements, is available to discuss the vulnerability and zero day exploit, what it means to consumers and businesses, the motivations of the worm authors and the reaction to the worm by members of the vulnerability management community.

Enterprises or others may contact Secure Elements at 1-800-709-5011 to obtain more information or schedule discussions with expert sources from Secure Elements.

Members of the media interested in obtaining commentary from Mr. Carpenter of Secure Elements should contact: Stephanie Stadler; telephone: +1 703-287-7819.

About Secure Elements

Secure Elements is dedicated to developing innovative products to evolve the way organizations achieve IT security compliance. We enable organizations to audit, evaluate, and comply with internal, industry, and regulatory policies. Our solutions reduce business risk and IT management costs while improving systems performance and maintaining business continuity.

Based in Northern Virginia, Secure Elements serves organizations in the federal government and critical infrastructure markets, as well the Global 1000.


Stephanie Stadler

On behalf of Secure Elements


# # #

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Stephanie Stadler
Visit website