News.com has a story up about a security vulnerability in Excel 2000. The exploit involves Excel documents being able to execute DLL code when they're opened; thus the hacker would first need to get a malicious DLL onto the system, then get the user to open an Excel file that will execute that DLL's code.
If you think the chances of a naughty DLL file finding its way onto your machine are pretty slim, think again. According to analysts quoted in the article, "[t]here are several previous security vulnerabilities that allow a malicious user to download a file to a victim's computer. . . ." The DLL code could even be accessed over the Internet in some cases.
I'm sure that Microsoft is just thrilled with Georgi Guninski, the guy who found the bug. Last month, he found two other bugs in Microsoft products, including Excel, Powerpoint and Outlook. This guy is just an exploit-finding machine.
|Radeon Pro specs hint at a full-fat Polaris 11 GPU in MacBook Pros||13|
|We're giving away our Aimpad R5 review unit||8|
|Apple's latest MacBook Pros ditch the F keys||71|
|In the lab: Gigabyte's GeForce GTX 1050 G1 Gaming graphics card||6|
|Google's Jamboard takes the whiteboard into the cloud||8|
|Transcend hops on the 3D NAND bandwagon with the SSD 230||2|
|Apple puts its AirPods in the oven a little longer||29|
|Microsoft helps hardware companies make VR more affordable||17|
|Intel P3100 M.2 SSD has datacenters in mind||9|