Several updates to First MS Excel 0-day Vulnerability FAQ done
I decided to write a short entry to share information about several updates to First Microsoft Excel 0-day Vulnerability FAQ document at http://blogs.securiteam.com/?p=451.
* Several exploits for this vuln and other Excel issues have been released recently.
* PoC sample file Nanika.xls was posted to public mailing list on Monday already
(NOTE: Several vendors see this as a separate vulnerability)
* New Trojan variant names added to the document
* Some other updates and fixes
Word ‘First’ to the FAQ document title was added in June to clarify the situation.
Updates are included to revision history too.
BTW: It’s interesting to notice that the newest hlink.dll overflow code posting uses wrong references. And this was not the first time!