Those who have not updated their PCs with recent patches from Microsoft for VML and for Excel risk having flaws in those vectors exploited by attackers.Remote code execution poses a threat to Microsoft Excel and Microsoft Vector Markup Language, through flaws recently disclosed by the release of patches to correct them.
Secure Computing said they expect the vulnerabilities to make it into automated exploit creation tools like MPack, Shark2, and IcePack. Criminals use those tools to quickly create ways of breaking into systems through exposed flaws.
''With PDF files gaining in popularity in spam because of the socially acceptable practice of users sharing PDF files, this vulnerability is poised to make Excel (also a typical file shared in emails) files the next high value threat vector for the bad guys,'' said Paul Henry, VP of Technology Evangelism for Secure Computing.
The easy availability of patches from Microsoft to fix both problems will end the latest possibilities for exploits. PC users can manually verify their machines have current fixes in place by checking Windows Update.
Discuss Add this link to... Tell a friendBury Add to:
| Bookmarks
Discuss
Add this link to...
Tell a friend
Bury
Comments