Malware writers have created a malicious program exploiting unpatched vulnerability in some versions of MS Excel and South Africans are being warned to open files with caution.
"Excel users should refrain from opening suspicious .xls files or files received from unknown senders," advises Justin Stanford, CEO of ESET Southern Africa. While the scope of the infiltration and overall number of infected computers currently remains low, it is of vital importance that local consumers remain alert.
This malware has been catalogued as X97M/TrojanDropper.Agent.NAI. trojan. It contains a dangerous virus attacking versions MS Excel 2000, 2002, 2003, 2007, 2004/2008, version for Mac, Excel Viewer/Excel Viewer 2003.
The malicious part of the virus is released immediately after the infected file is opened, creating a backdoor in the system (backdoor Win32/Agent.NVV). The backdoor allows the authors to gain control over the workstation from remote location.
This threat takes advantage of the so-called zero-day exploitability. Typically, similar vulnerability gaps are discovered only once they become targeted – thus affecting all users of the particular software – in this case Excel.