McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
Business Home McAfee Labs Threat Intelligence

Exploit-MSExcel.r

This page shows details and results of our analysis on the malware Exploit-MSExcel.r

Threat Detail

Malware Type: Trojan

Malware Sub-type: Exploit

Discovery Date: 2008-09-02

Next Steps:

Overview

-- Update February 24, 2008 --
The risk assessment of this threat has been updated to Low-Profiled due to media attention at:
http://tech.yahoo.com/news/pcworld/20090224/tc_pcworld/attackerstargetingunpatchedvulnerabilityinexcel2007
--

This is a generic detection for malicious XLS documents targeting Microsoft Excel vulnerabilities.

 


Minimum DAT

5375 (2008-09-02)

Updated DAT

6050 (2010-07-21)

 Minimum Engine

5.2.00

File Length

Varies

 Description Added

2008-09-02

Description Modified

2009-02-24

Malware Proliferation

Characteristics

-- Update February 24, 2008 --

McAfee has observed variants of Exploit-MSExcel.r which attempt to exploit the vulnerability described in CVE-2009-0238. Additional information on this vulnerability can be found at:

http://www.microsoft.com/technet/security/advisory/968272.mspx
--

This is a generic detection for malicious XLS documents targeting Microsoft Excel vulnerabilities.

When successful, it may install a trojan onto the vulnerable machine such as BackDoor-DUE.

Symptoms

  • Abnormal termination of Microsoft Excel application.
  • Unexpected dropping of files from Microsoft Excel.

 

Method of Infection

This trojan exploits a vulnerability in Microsoft Excel.

 

Removal

Variants

United States - English