Or ‘Yet Another Excel Exploit’. A post was made yesterday to
Full-Disclosure on a(nother) 0-day for Excel. And yes, code
execution is possible. This time, a user needs to open the file and
click on a (specially-crafted, a buzzword nowadays)link specified
inside the file to trigger the exploit. Same safety-precautions
apply when a 0-day is out:
Do not open Microsoft Excel files that you
receive from un-trusted sources.
This vulnerability could be exploited when a user opens an Excel
file and clicks on a specially-crafted link inside the file. Excel
files from trusted sources or Excel files that are known to be
trusted can continue to be used.
*slightly modified Suggested Action from Microsoft.
Trendlabs is currently in the process of creating a generic
pattern for this exploit.