(MS10-038) Microsoft Office Excel RTD Memory Corruption Vulnerability (2027452)

Overview

A vulnerability exists in Microsoft Office Excel that could result in remote code execution.

A vulnerability exists in Microsoft Office Excel that could result in remote code execution. The vulnerability is in the way that Excel handles specially crafted Excel files. Successful exploitation of this vulnerability could allow an attacker to take complete control of an affected system.

Attack Vector

Maliciously Crafted File

User Interaction

no user interaction is needed

Vendor Status

Responded and patched

Vulnerable Systems

Timeline

2010-06-08

Vendor has provided a patch.

Recommendations

The vendor has released an update to address this issue
http://www.microsoft.com/technet/security/bulletin/ms10-038.mspx

Recommendations McAfee Product Mitigation

Additional Resources