Microsoft has discovered a security flaw in Excel 2000 that could make users vulnerable to malicious acts.
While working to plug a flaw in Excel 97 called the ODBC Driver Vulnerability, Microsoft officials found another ODBC database driver bug in Excel 2000. The company had originally said that Office 2000 was not affected by the problem.
According to the software giant, the new flaw is related to the IISAM component of the ODBC database driver, and could be exploited using an Excel 2000 query to perform malicious acts. Office users may become vulnerable by opening an infected spreadsheet attached to either an e-mail or Web site link, Microsoft said.
A Microsoft representative said fixes for all of the Excel security bugs were finished, and are available for free download by users at http://officeupdate.microsoft.com.