CVE-2012-1885

Name of the Vulnerable Software and Affected Versions Microsoft Excel versions 2003 SP3, 2007 SP2 and SP3, and 2010 SP1 Office 2008 and 2011 for Mac Office Compatibility Pack versions SP2 and SP3

Description A remote code execution issue exists in the way Microsoft Excel handles specially crafted Excel files, allowing attackers to execute arbitrary code via a crafted spreadsheet. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Excel 2003 SP3, update to a version that includes the fix for this issue. For Microsoft Excel 2007 SP2 and SP3, and 2010 SP1, apply the necessary patch to resolve the issue. For Office 2008 and 2011 for Mac, update to a version that includes the fix for this issue. For Office Compatibility Pack SP2 and SP3, apply the necessary patch to resolve the issue.