News

Russian New Year Exploitation Effects Excel Users

Finjan Software Ltd. (www.finjan.com) will hold a press conference later today to announce a security hole that could effect the vast majority of corporate users of the Internet.

Called the Russian New Year exploitation, the attack takes the HTML and "Call" functions available in Microsoft Excel 95 and 97 and combines them into a strike that can be what Finjan calls "extremely malicious and damaging."

With this combination, an attacker could steal or copy Internet users' files without their knowledge. Most importantly, Excel does not have to be running to execute the exploit; it simply has to be installed on the users' PC.

It's suspected that this process could occur just from visiting a malicious Web site that has the exploit ready to launch once a user visits. The exploit has been named Russian New Year because of its timely announcement and the nation in which it was first discovered. -- Brian Ploskina, Assistant Editor

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.

  • Report: Security Initiatives Can't Keep Pace with Cloud, AI Boom

    The increasingly fast adoption of hybrid, multicloud, and AI systems is easily outgrowing existing security measures, according to a recent global survey by the Cloud Security Alliance (CSA) and exposure management firm Tenable.

  • World Map Image

    Microsoft Taps Nebius in $17B AI Infrastructure Deal To Alleviate Cloud Strain

    Microsoft has signed a five-year, $17.4 billion agreement with Amsterdam-based Nebius Group to expand its AI computing capabilities through third-party GPU infrastructure.

  • Microsoft Brings Copilot AI Into Viva Engage

    Microsoft 365 Copilot in Viva Engage is now generally available, extending Copilot's AI-powered assistant capabilities deeper into the Viva platform.

Most   Popular