This MS Excel vulnerability embeds malicious payloads remotely

by Madalina Dinita
Madalina Dinita
Madalina Dinita
Madalina has been a Windows fan ever since she got her hands on her first Windows XP computer. She is interested in all things technology, especially emerging technologies... read more
Affiliate Disclosure
microsoft excel security exploit

Millions of home users and businesses rely on Microsoft Excel to keep track of their expenditures and income, plan their budgets and take care of basically any tasks that involve calculations.

Recently, Mimecast Threat Center unveiled a major Excel vulnerability that allows attackers to embed malicious payloads remotely.

How does this work, you may ask? In order to exploit this vulnerability, attackers use a Microsoft Excel feature called Power Query.

As a quick reminder, Power Query is a Business Intelligence tool that allows users to integrate spreadsheets with other data sources, including external data sources such as databases and websites.

The problem is that such attacks are very complex and hard to detect. In other words, users may not even suspect something hit them until it’s too late.

As Mimecast explains:

Using Power Query, attackers could embed malicious content in a separate data source, and then load the content into the spreadsheet when it is opened. The malicious code could be used to drop and execute malware that can compromise the user’s machine.

Security solutions fail to block these threats

To make matters worse, Sandbox-based security solutions are pretty much useless when it comes to detecting and blocking this type of attacks.

The respective files appear harmless to security solutions, which means that users won’t get any alerts about these attacks.

Microsoft is aware of this issue

Mimecast already informed Microsoft about this security problem but the tech giant declined to release a permanent fix offering instead a quick workaround to mitigate the issue.

Microsoft suggests using a Group Policy to block external data connections. This method prevents external data from merging with your existing Excel data.

Alternatively, you can also change your Office Trust Center settings so as to block external data and files.

For more information, you can check out Microsoft’s security advisory 4053440.

Prevention is better than cure

Now that you’re aware of this security risk, the best solution is to act fast and implement the workarounds that Microsoft suggested.

As they say, prevention is always better than cure. Hackers never sleep and this exploit has the potential of causing severe damage to your system.

Speaking of Microsoft Excel security, you may also want to install one of these antivirus solutions to protect your files and block malware attacks.

This article covers:Topics: