First Exploit to Execute Arbitrary Code in Office 2007

Office 2007 withstood arbitrary code execution exploits for roughly two years. But that streak is over now that hackers have unleashed working exploit code.

ITPro Today

February 24, 2009



Microsoft published a security advisory on February 24 that offers few details about the problem, which affects Office 2000, 2003, and 2007 as well as the standalone Excel Viewer.

As is often the case, a person would need to choose to open a corrupted Excel document, at which point the exploit code launches and runs in the context of the currently logged-in user. The Excel file itself is stored in the older binary file format as opposed to the newer XML file format.

Microsoft said that Office 2003 and 2007 users can install and enable the Microsoft Office Isolated Conversion Environment (MOICE), which converts the older binary format files into XML before opening them. Doing so effectively eliminates this particular vulnerability.

The company also said that users can enable File Block, which prevents Office from opening binary format files so that it opens only XML format files.
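The binary-versus-XML distinction that File Block enforces can also be checked on file content before a document reaches a user, for example at a mail gateway. The following is an added example, not code from Microsoft or from this article; the function names, the hold policy, and the sample files are assumptions constructed for illustration.

```python
import io
import zipfile

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # header of the older binary (compound file) format
ZIP_MAGIC = b"PK\x03\x04"                       # XML-format Office files are ZIP packages
OOXML_EXTENSIONS = {"xlsx", "xlsm", "docx", "pptx"}

def classify_office_file(data: bytes) -> str:
    """Classify by content, never by extension: 'legacy-binary', 'ooxml' or 'other'."""
    if data.startswith(OLE2_MAGIC):
        # Caveat: password-encrypted XML-format files also use this container,
        # so they land here too and need a separate handling decision.
        return "legacy-binary"
    if data.startswith(ZIP_MAGIC):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = set(zf.namelist())
        except zipfile.BadZipFile:
            return "other"
        has_parts = any(n.startswith(("xl/", "word/", "ppt/")) for n in names)
        if "[Content_Types].xml" in names and has_parts:
            return "ooxml"
    return "other"

def should_hold(filename: str, data: bytes) -> bool:
    """Hypothetical gateway policy: hold binary-format files and extension/content mismatches."""
    kind = classify_office_file(data)
    ext = filename.lower().rsplit(".", 1)[-1] if "." in filename else ""
    if kind == "legacy-binary":
        return True
    return ext in OOXML_EXTENSIONS and kind != "ooxml"

def _constructed_ooxml() -> bytes:
    """Build a minimal ZIP with the package parts the classifier looks for."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
    return buf.getvalue()

# Constructed sample inputs (not real documents).
SAMPLES = {
    "report.xls": OLE2_MAGIC + b"\x00" * 504,
    "report.xlsx": _constructed_ooxml(),
    "renamed.xlsx": OLE2_MAGIC + b"\x00" * 504,  # binary file carrying an XML-format name
    "notes.txt": b"plain text",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name:14} {classify_office_file(blob):14} hold={should_hold(name, blob)}")
```
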

At the moment there are no known workarounds for Office 2000 other than not opening Office documents from untrusted sources.
