Microsoft confirmed via TechNet that there is a new Excel zero-day exploit making limited appearances. This vulnerability affects Microsoft Office 2000, Microsoft Office XP, Microsoft Office 2003, and Microsoft Office 2004 for Mac.
Since the attack is carried out via a malicious Excel file, you should be suspicious of any email you receive with a .xls file attached. Even if you know the sender, you should still use caution.
Since next Tuesday is “Patch Tuesday” for Microsoft, it is doubtful that there will be a fix for this flaw by then. Maybe next month. 🙁
Microsoft has created a web site that for users to scan their computers and fix problems. If you are running XP, 2000 or 2003 Server and IE 6.0 or higher, you can hop over to this link and get checked out.