NEWS FROM THE LAB - Monday, July 13, 2009

(Another) Microsoft Security Advisory Posted by Sean @ 14:19 GMT

There's a new Microsoft Security Advisory (973472) to review while waiting for tomorrow's Microsoft Updates.

A vulnerability exists in the ActiveX control used by, wait for it… Internet Explorer to display Excel spreadsheets (Office Web Components). It doesn't affect Office 2007 but many other versions are vulnerable.

Microsoft Security Advisory 973472

Considering the timing of this advisory, it isn't likely to be patched tomorrow, so check out the workaround instructions.

Microsoft states that they're aware of "attacks attempting to exploit the vulnerability".

This most recent advisory joins a growing list of Internet Explorer vulnerabilities

Microsoft Security Advisories

91% of you know what to do


Updated to add: Internet Storm Center SANS raised their Threat Level to Yellow yesterday.

SANS is seeing active exploit pages in use. More updates are available here.