CVE-2010-0262

Name of the Vulnerable Software and Affected Versions Microsoft Office Excel 2007 versions SP1 through SP2 Office 2004 for Mac

Description A remote code execution issue exists due to improper parsing of the Excel file format, allowing attackers to execute arbitrary code via a crafted spreadsheet. This could enable an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office Excel 2007 versions SP1 through SP2, update to a version that properly handles the Excel file format to prevent exploitation. For Office 2004 for Mac, update to a version that properly handles the Excel file format to prevent exploitation. As a temporary workaround, consider avoiding the use of specially crafted Excel files until a patch is available.