A vulnerability has recently been discovered in Microsoft Excel 97 and Excel 2000. If an Excel worksheet containing the REGISTER.ID function references a malicious DLL (Dynamic Link Library) it can potentially cause code to run on a user?s computer without their knowledge. The code executed on the affected user's computer can perform any action that the user could perform on the machine. he Microsoft Excel REGISTER.ID Security Update eliminates the vulnerability that could be exploited using the worksheet tools of Excel 2000 to do malicious acts, such as deleting and overwriting files without the user's input or verification. This update protects against harmful code that could be executed from a worksheet by disabling the REGISTER.ID function. Note: To use the Excel 2000 REGISTER.ID Security Update, you must have installed Office 2000 SR-1 or Office 2000 Service Release 1a (SR-1a).
|