News

Russian New Year Exploitation Effects Excel Users

Finjan Software Ltd. (www.finjan.com) will hold a press conference later today to announce a security hole that could effect the vast majority of corporate users of the Internet.

Called the Russian New Year exploitation, the attack takes the HTML and "Call" functions available in Microsoft Excel 95 and 97 and combines them into a strike that can be what Finjan calls "extremely malicious and damaging."

With this combination, an attacker could steal or copy Internet users' files without their knowledge. Most importantly, Excel does not have to be running to execute the exploit; it simply has to be installed on the users' PC.

It's suspected that this process could occur just from visiting a malicious Web site that has the exploit ready to launch once a user visits. The exploit has been named Russian New Year because of its timely announcement and the nation in which it was first discovered. -- Brian Ploskina, Assistant Editor

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

Featured

  • Windows Autopilot for HoloLens 2 Hits Preview

    Windows Autopilot, Microsoft's PC self-provisioning program, is now being tested for use with the company's mixed-reality headset, the HoloLens 2.

  • Signs Point to Microsoft Charging for Use of APIs

    There are indications that Microsoft is mulling charging customers for software that uses its application programming interfaces.

  • The 2020 Microsoft Product Roadmap

    From the next major update to Windows 10 to the next generations of .NET and PowerShell, here's what's on tap from Microsoft this year.

  • Microsoft Extends Azure Hybrid Benefit Licensing to Linux

    Microsoft has expanded its Azure Hybrid Benefit licensing program to include Linux servers, particularly Red Hat Enterprise Linux or SUSE Linux Enterprise servers.