Reprint of the Microsoft Excel security vulnerability advisory published by the Taiwan Computer Emergency Response Team/Coordination Center (TWCERT/CC). As of the publication of this advisory, no complete fix for this vulnerability was available; users should take note.
TW-CA-2006-074-[TA06-167A: Microsoft Excel Vulnerability]
────────────────────────────────────────
TWCERT/CC release date: 2006-06-26
Original release date: 2006-06-16
Original last updated: --
CVE ID:
Category: Miscellaneous
Reference: TA06-167A
──── Summary ─────────────────────────────────
A vulnerability in Microsoft Excel could allow an attacker to execute arbitrary code on the victim's host.
──── Description ─────────────────────────────────
Microsoft Excel contains an unconfirmed vulnerability. Opening a specially crafted Excel file, including files
hosted on web pages or attached to email messages, could trigger the vulnerability.
Office documents can contain embedded objects. For example, a malicious Excel file could be embedded in a
Word or PowerPoint document. Office file formats other than Excel could therefore also be used as
attack vectors.
For more details, see Vulnerability Note VU#802324.
──── Affected platforms ───────────────────────────────
* Microsoft Excel 2003
* Microsoft Excel XP (2002)
* Microsoft Excel for Mac
Microsoft Excel is included with Microsoft Office. Other versions of Excel and related Office programs
could also be used by an attacker as attack vectors.
──── Remediation ───────────────────────────────
At the time of writing, no complete solution is available. The following steps can reduce the damage:
‧Do not open untrusted Excel files
Do not open unfamiliar or unexpected Excel or other Office files, including those received by email or
hosted on web pages. See Cyber Security Tip ST04-010 for more information.
‧Do not rely on file extension filtering
In general, Windows will call Excel to open a file even when the file has an unknown extension. For
example, if a file with the extension .x1s (with the digit 1) contains the correct file header, Windows will
call Excel to open it.
──── Impact ───────────────────────────────
By tricking a user into opening a specially crafted Excel file, an attacker could execute arbitrary code on
the victim's host. If the user has administrator privileges, the attacker could gain complete control of the system.
──── Contact TWCERT/CC ─────────────────────────────
Tel: 886-7-5250211 FAX: 886-7-5250212
     886-2-23563303     886-2-23924082
Email: twcert@cert.org.tw
URL: http://www.cert.org.tw/
PGP key: http://www.cert.org.tw/eng/pgp.htm
────────────────────────────────────────
Attachment: [Microsoft Excel Vulnerability]
──── Original text ─────────────────────────────────
National Cyber Alert System
Technical Cyber Security Alert TA06-167A
Microsoft Excel Vulnerability
Original release date: June 16, 2006
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Excel 2003
* Microsoft Excel XP (2002)
* Microsoft Excel for Mac
Microsoft Excel is included with Microsoft Office. Other versions of
Excel, and other Office programs may be affected or act as attack
vectors.
Overview
An unspecified vulnerability in Microsoft Excel could allow an
attacker to execute arbitrary code on a vulnerable system.
I. Description
Microsoft Excel contains an unspecified vulnerability. Opening a
specially crafted Excel document, including documents hosted on web
sites or attached to email messages, could trigger the vulnerability.
Office documents can contain embedded objects. For example, a
malicious Excel document could be embedded in a Word or PowerPoint
document. Office documents other than Excel documents could be used as
attack vectors.
For more information, please see Vulnerability Note VU#802324.
II. Impact
By convincing a user to open a specially crafted Excel document, an
attacker could execute arbitrary code on a vulnerable system. If the
user has administrative privileges, the attacker could gain complete
control of the system.
III. Solution
At the time of writing, there is no complete solution available.
Consider the following workarounds:
Do not open untrusted Excel documents
Do not open unfamiliar or unexpected Excel or other Office documents,
including those received as email attachments or hosted on a web site.
Please see Cyber Security Tip ST04-010 for more information.
Do not rely on file extension filtering
In most cases, Windows will call Excel to open a document even if the
document has an unknown file extension. For example, if document.x1s
(note the digit "1") contains the correct file header information,
Windows will open document.x1s with Excel.
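A content-based check that makes this workaround (and the embedded-object point in the Description) concrete, as an added example that is not part of the TWCERT/CC or US-CERT advisory: it identifies Office OLE2 containers by their magic bytes and looks for a workbook stream name, so a renamed document.x1s or a Word file carrying an embedded workbook is flagged whatever its extension says. The sample files and file names are constructed, and the stream-name search is a heuristic rather than a full OLE2 parser.

```python
# Added example: content-based detection of Excel/Office files regardless of extension.
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # OLE2 Compound File (.xls/.doc/.ppt)
ZIP_MAGIC = b"PK\x03\x04"                           # zip container used by .xlsx/.docx/.pptx

# OLE2 directory entries store stream names as UTF-16LE, so a plain byte search
# finds a workbook stream without walking the FAT/directory chains (heuristic).
WORKBOOK_STREAMS = [s.encode("utf-16-le") for s in ("Workbook", "Book")]

# Extensions an extension-based filter would normally treat as Office files.
OFFICE_EXTENSIONS = {".xls", ".doc", ".ppt", ".xlsx", ".docx", ".pptx"}


def classify(filename: str, data: bytes) -> dict:
    """Classify a file by its content and compare the result with its extension."""
    ext = ("." + filename.rsplit(".", 1)[-1].lower()) if "." in filename else ""
    is_ole2 = data.startswith(OLE2_MAGIC)
    is_zip = data.startswith(ZIP_MAGIC)
    has_workbook = any(name in data for name in WORKBOOK_STREAMS)
    return {
        "extension": ext,
        "container": "ole2" if is_ole2 else ("zip" if is_zip else "other"),
        # Content Excel would handle: an OLE2 container holding a workbook stream,
        # whatever the extension claims (the advisory's document.x1s case)
        "excel_content": is_ole2 and has_workbook,
        # Office container behind a non-Office extension: an extension filter misses it
        "extension_mismatch": (is_ole2 or is_zip) and ext not in OFFICE_EXTENSIONS,
    }


def _fake_ole2(*stream_names: str) -> bytes:
    """Constructed stand-in for an OLE2 file: real magic bytes, padding, stream names."""
    directory = b"".join(n.encode("utf-16-le") + b"\x00" * 16 for n in stream_names)
    return OLE2_MAGIC + b"\x00" * 504 + directory


# Constructed samples (not real Office files and not taken from the advisory).
SAMPLE_X1S = _fake_ole2("Workbook")                         # workbook renamed to .x1s
SAMPLE_DOC_EMBED = _fake_ole2("WordDocument", "Workbook")   # Word file with embedded workbook
SAMPLE_TEXT = b"just some text"                             # .xls extension, no Office content

if __name__ == "__main__":
    for name, blob in (("document.x1s", SAMPLE_X1S),
                       ("memo.doc", SAMPLE_DOC_EMBED),
                       ("notes.xls", SAMPLE_TEXT)):
        print(name, classify(name, blob))
```

A mail gateway or endpoint scanner that applies this to every attachment, instead of matching extensions, catches the renamed-file case the advisory describes.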
Appendix A. References
* Vulnerability Note VU#802324 - <http://www.kb.cert.org/vuls/id/802324>
* Cyber Security Tip ST04-010 - <http://www.us-cert.gov/cas/tips/ST04-010.html>
____________________________________________________________________
Information used in this document came from SANS and Microsoft.
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA06-167A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send
email to <cert@cert.org> with "TA06-167A Feedback VU#802324" in the
subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2006 by US-CERT, a government organization.
Terms of use: <http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
June 16, 2006: Initial release
────────────────────────────────────────