Microsoft Security Bulletin MS06-059 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (924164)

This critical bulletin addresses multiple vulnerabilities in all version of Excel (including Mac) and Microsoft Works Suites. Some of the vulnerabilities are publicly detailed but Microsoft reports no knowledge of actual attacks where these vulnerabilities are exploited as of yet. With these vulnerabilities an attacker could take control of a victim’s computer by sending the victim a malformed XLS or Lotus 123 (.123) file via email or otherwise getting the user to open such a file. I recommend limited testing followed by immediate deployment to workstations and vulnerable Terminal Servers.

Get this valuable commentary each month as soon as Microsoft releases security updates!

Free log parser scripts, a clear explanation of Microsoft's latest security bulletin, helpful security tips, how-to's and more.

Upcoming Webinars by Randy Franklin Smith

Beyond Single Event Analysis: Analyzing Multiple Events to Reduce False Positives and Gain Deeper Insight into the Security Log

Auditing File Access with the Windows Server 2008 Security Log: The Good, Bad and Ugly

How to Secure Web Based Applications with 2-Factor Authentication

Eliminating Admin Rights on Workstations and Laptops: Avoiding the Pitfalls and Making it Work in the Real World

Additional Links

A
D
V

NEW! GFI EventsManager 8 Extends Event Management Capabilities. Find Out More.

Get Randy's Security Log Resource Kit

Sick of LimitLogin? Get UserLock for real logon control