New Zero-day Hole in Excel

There's a new zero-day security hole in Microsoft Excel that's being actively exploited by at least one piece of malware.

Ironically, this new risk is coming to light right after Microsoft patched a similar hole in Microsoft Word. Like that vulnerability, the Excel problem can hand over control of your computer to a remote attacker if you open a poisoned Excel document. There's no patch available as of yet.

Secure Elements reports that Trojan.Mdropper.J is currently exploiting this hole. We also have a news story on the topic.

As always, excercise extreme caution with e-mail attachments.