This MS Excel vulnerability embeds malicious payloads remotely

2 minute read
microsoft excel security exploit

Home » News » This MS Excel vulnerability embeds malicious payloads remotely

Millions of home users and businesses rely on Microsoft Excel to keep track of their expenditures and income, plan their budgets and take care of basically any tasks that involve calculations.

Recently, Mimecast Threat Center unveiled a major Excel vulnerability that allows attackers to embed malicious payloads remotely.

How does this work, you may ask? In order to exploit this vulnerability, attackers use a Microsoft Excel feature called Power Query.

As a quick reminder, Power Query is a Business Intelligence tool that allows users to integrate spreadsheets with other data sources, including external data sources such as databases and websites.

The problem is that such attacks are very complex and hard to detect. In other words, users may not even suspect something hit them until it’s too late.

As Mimecast explains:

Using Power Query, attackers could embed malicious content in a separate data source, and then load the content into the spreadsheet when it is opened. The malicious code could be used to drop and execute malware that can compromise the user’s machine.

Security solutions fail to block these threats

To make matters worse, Sandbox-based security solutions are pretty much useless when it comes to detecting and blocking this type of attacks.

The respective files appear harmless to security solutions, which means that users won’t get any alerts about these attacks.

Microsoft is aware of this issue

Mimecast already informed Microsoft about this security problem but the tech giant declined to release a permanent fix offering instead a quick workaround to mitigate the issue.

Microsoft suggests using a Group Policy to block external data connections. This method prevents external data from merging with your existing Excel data.

Alternatively, you can also change your Office Trust Center settings so as to block external data and files.

For more information, you can check out Microsoft’s security advisory 4053440.

Prevention is better than cure

Now that you’re aware of this security risk, the best solution is to act fast and implement the workarounds that Microsoft suggested.

As they say, prevention is always better than cure. Hackers never sleep and this exploit has the potential of causing severe damage to your system.

Speaking of Microsoft Excel security, you may also want to install one of these antivirus solutions to protect your files and block malware attacks.

Discussions

Next up

How to use Google Stadia on Windows 10

Alexandru Voiculescu By: Alexandru Voiculescu
2 minute read

Stadia is a new gaming platform from Google. The main feature that separates it from other gaming platforms is accessibility. In other words, you can […]

Continue Reading

Fix: Action Only Valid for Products Currently Installed

Tashreef Shareef avatar. By: Tashreef Shareef
3 minute read

While trying to launch one of the Microsoft Office programs, you may encounter an error that won’t let you access any of the Microsoft Office […]

Continue Reading

Can’t delete an email folder in Outlook? Follow these steps

John Taylor avatar. By: John Taylor
3 minute read

If you frequently send emails, especially in a business environment, then you most probably know Microsoft Outlook. This email client comes pre-installed with Microsoft Windows […]

Continue Reading