From Ryan Naraine’s “Microsoft Confirms Excel Zero-Day Attack Under Way” (eWeek: 16 June 2006):
Microsoft June 15 confirmed that a new, undocumented flaw in its widely used Excel spreadsheet program was being used in an attack against an unnamed target.
The company’s warning comes less than a month after a code-execution hole in Microsoft Word was exploited in what is described as a “super, super targeted attack” against business interests overseas.
The back-to-back zero-day attacks closely resemble each other and suggest that well-organized criminals are conducting corporate espionage using critical flaws purchased from underground hackers.