Thread: FYI - Microsoft Acknowledges XL Flaw
View Single Post
  #12   Report Post  
Posted to microsoft.public.excel, microsoft.public.excel.misc,microsoft.public.excel.worksheet.functions
Harlan Grove[_2_] Harlan Grove[_2_] is offline
external usenet poster
  
Posts: 1,231
Default FYI - Microsoft Acknowledges XL Flaw
Harlan Grove wrote...
....
That sure makes it appear that the new vulnerability is in Excel's
own file types, so SP3 would seem to be irrelevant to this new issue
....

Or maybe not. The security advisory does state that Excel 2003 SP3 is
safe. However, that would also mean there's no benefit to convert .XLS
files to OOXML files if you're using Excel 2003 SP3, and since MOICE
doesn't handle the file types blocked by Excel 2003 SP3 it's difficult
to see how using MOICE could resolve this vulnerability *IF* we were
to take Microsoft's statements at face value.

So, if the vulnerability arises from loading the file types blocked by
Excel 2003 SP3, MOICE won't fix the issue. But if the vulnerability is
in .XLS files, how can Microsoft claims Excel 2003 SP3 is safe?
Reply With QuoteReply With Quote