Security researchers have uncovered a new vulnerability in Microsoft Excel, which could potentially put more than 120 million users at risk. The vulnerability was discovered by researchers at security firm Mimecast Services Ltd.
The attack leverages Excel's Power Query feature, which lets users import data from external sources. Researchers at Mimecast Services Ltd have published a blog post (via SiliconANGLE) explaining how the weakness can be exploited by attackers.
It allows an attacker to use Power Query to launch a remote Dynamic Data Exchange (DDE) attack from an Excel spreadsheet. Beyond that, it can be used for more sophisticated attacks that deliver malware capable of compromising the machine when the spreadsheet is opened.
“The feature offers such rich controls that can be used to print fingerprints in a protective box or on the victim’s machine before even providing any payload. The attacker has potential pre-load and pre-scan controls and can deliver a malicious load to the victim, and make the file look harmless to a protective box or other security solutions.”
The good news is that Microsoft already knows about the issue and issued a statement in November 2017. The statement noted that a user would have to click through several security warnings before any malware could be installed on the system. Microsoft also recommended that users disable the DDE feature when it is not in use, which blocks external data connections.
“Mimecast strongly recommends that all Microsoft Excel customers implement alternative solutions suggested by Microsoft as the potential threat to these Microsoft users is real and exploitation can be detrimental.”
The good thing is that there are no reports of the vulnerability being exploited in the wild. The bad news, however, is that DDE is usually enabled by default, and users may never have disabled it. Despite Microsoft’s previous advice, “many organizations are unlikely to have shut it down.”
As of now, Microsoft has only released a statement and is counting on users to take appropriate action. The wisest thing to do is to disable the DDE feature and not to download or open spreadsheets sent by email.
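As an added illustration (not from this article, Mimecast, or Microsoft), the read-only PowerShell audit below reports whether the per-user Excel registry values that Microsoft's DDE security advisory documents are set on the current machine. The value names (DisableDDEServerLaunch, DisableDDEServerLookup, WorkbookLinkWarnings), their expected settings and the Office version numbers are assumptions taken from that advisory, not from this page; confirm them against your own Office build before acting on the result.

```powershell
# Added audit script (not part of the article): reports whether the Excel DDE
# hardening values from Microsoft's DDE security advisory are set for the
# current user. Value names and expected settings are assumed from that
# advisory (the article names no registry keys). The script changes nothing.

# Office versions to check (16.0 = Office 2016/2019/365, 15.0 = 2013, 14.0 = 2010)
$versions = @('16.0', '15.0', '14.0')

# Expected hardening values under HKCU:\Software\Microsoft\Office\<ver>\Excel\Security
$expected = @{
    'DisableDDEServerLaunch' = 1   # do not launch DDE servers from external content
    'DisableDDEServerLookup' = 1   # do not look up DDE servers
    'WorkbookLinkWarnings'   = 2   # do not update external workbook links automatically
}

foreach ($ver in $versions) {
    $key = "HKCU:\Software\Microsoft\Office\$ver\Excel\Security"
    if (-not (Test-Path $key)) { continue }   # this Office version is not present for the user

    Write-Host "Excel $ver ($key)"
    foreach ($name in $expected.Keys) {
        # Get-ItemProperty returns nothing (and a suppressed error) when the value is absent
        $item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            Write-Host "  [MISSING] $name  (DDE behaviour left at the product default)"
        } elseif ($item.$name -eq $expected[$name]) {
            Write-Host "  [OK]      $name = $($item.$name)"
        } else {
            Write-Host "  [WEAK]    $name = $($item.$name)  (expected $($expected[$name]))"
        }
    }
}
```

Run it in a normal (non-elevated) PowerShell session for the user whose Excel settings you want to inspect, since the values live under HKEY_CURRENT_USER; a `[MISSING]` line means the advice to disable DDE has not been applied for that Office version.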
Last, but not least, make sure you do not ignore Excel’s security prompts, as they may be warning you about possible malware.
If you need help or have doubts or concerns, do not hesitate to leave a comment in the comment box below and we will try to help you as soon as possible!