A zero-day vulnerability in spreadsheet software Microsoft Excel is reportedly being abused by cybercriminals in real-world scenarios.
According to an advisory issued by Microsoft, the security feature bypass bug could allow unauthenticated threat actors to launch attacks against vulnerable users with relative ease.
The vulnerability has been handed a score of 7.8/10 per the Common Vulnerability Scoring System (CVSS), placing it in the high severity category.
What about Excel on Mac?
Although Microsoft has now delivered a patch for Excel on Windows devices as part of this month’s Patch Tuesday, Apple customers remain vulnerable to the exploit.
“The security update for Microsoft Office 2019 for Mac and Microsoft OFfice LTSC for Mac 2021 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information,” the advisory explained.
To shield against attack, Windows users are advised to update their Excel installations to the latest build immediately. Mac users, meanwhile, should avoid interacting with unsolicited email attachments and avoid downloading content from unfamiliar sources while they await a full patch.
- Here's our list of the best endpoint protection software around