This MS Excel vulnerability embeds malicious payloads remotely
Recently, Mimecast Threat Center unveiled a major Excel vulnerability that allows attackers to embed malicious payloads remotely.
How does this work, you may ask? In order to exploit this vulnerability, attackers use a Microsoft Excel feature called Power Query.
As a quick reminder, Power Query is a Business Intelligence tool that allows users to integrate spreadsheets with other data sources, including external data sources such as databases and websites.
The problem is that such attacks are very complex and hard to detect. In other words, users may not even suspect something hit them until it’s too late.
As Mimecast explains:
Using Power Query, attackers could embed malicious content in a separate data source, and then load the content into the spreadsheet when it is opened. The malicious code could be used to drop and execute malware that can compromise the user’s machine.
Security solutions fail to block these threats
To make matters worse, Sandbox-based security solutions are pretty much useless when it comes to detecting and blocking this type of attacks.
The respective files appear harmless to security solutions, which means that users won’t get any alerts about these attacks.
Microsoft is aware of this issue
Mimecast already informed Microsoft about this security problem but the tech giant declined to release a permanent fix offering instead a quick workaround to mitigate the issue.
Microsoft suggests using a Group Policy to block external data connections. This method prevents external data from merging with your existing Excel data.
Alternatively, you can also change your Office Trust Center settings so as to block external data and files.
For more information, you can check out Microsoft’s security advisory 4053440.
Prevention is better than cure
Now that you’re aware of this security risk, the best solution is to act fast and implement the workarounds that Microsoft suggested.
As they say, prevention is always better than cure. Hackers never sleep and this exploit has the potential of causing severe damage to your system.
Speaking of Microsoft Excel security, you may also want to install one of these antivirus solutions to protect your files and block malware attacks.
While trying to launch one of the Microsoft Office programs, you may encounter an error that won’t let you access any of the Microsoft Office […]
If you frequently send emails, especially in a business environment, then you most probably know Microsoft Outlook. This email client comes pre-installed with Microsoft Windows […]