Excel exploit

Excel Exploit

There was a comment posted today on an article on the SC Magazine site from someone who seemed to think we were talking up an obsolete exploit. He seems to have been thinking about this one: “Microsoft Security Bulletin MS08-014 – Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029)”. (Which fixes this issue,

Feeling Vulnerable?

This is a follow up to David Harley’s post “Targeted Excel Malware Revisited.” I know that for some people “exploiting a vulnerability” is no clearer than the US tax code, so I’ll try to make it a bit more understandable. A “vulnerability” simply means that there is a problem with a program. In this case

EXcel EXploits

Our guys in Bratislava have issued a press release about one of the latest examples of the current wave of Excel exploits, which we detect as X97M/TrojanDropper.Agent.NAI. When the malicious Excel document is opened, it drops the backdoor Trojan we call Win32/Agent.NVV, which allows a remote attacker to get access to and some control over the