Cybersecurity researchers have diagnosed 4 protection vulnerabilities in Microsoft Excel and Microsoft Office 365 that may be exploited to execute malicious code.
The vulnerabilities, suggested via way of means of Check Point, come from the legacy code that stems from Excel95, giving them cause to consider that the vulnerabilities have existed for numerous years.
Check Point’s crew provides that the 4 vulnerabilities may be exploited thru malicious Word, Excel, and Outlook documents.
Patches for 3 of the vulnerabilities tracked as CVE-2021-31174, CVE-2021-31178, CVE-2021-31179 have already been issued via way of means of Microsoft. The fourth trouble tracked as CVE-2021-31939 have to be constant withinside the June 2021 Patch Tuesday release.
Legacy code fail
Yaniv Balmas, Head of Cyber Research at Check Point Software says that their discovery highlights that legacy code is a perennial susceptible hyperlink withinside the protection chain, greater so in relation to complicated software program like Microsoft Office.
“Even aleven though we located handiest 4 vulnerabilities at the assault floor in our research, you’ll by no means inform what number of greater vulnerabilities like those are nonetheless laying round ready to be located,” provides Balmas.
He additionally stocks that the vulnerabilities are in a feel simply exploitable because the researchers located “numerous” assault vectors that hazard actors can use to cause the vulnerabilities.