(Xinhua)
Updated: 2008-01-17 15:06

BEIJING -- Microsoft Corp has issued a security advisory warning of a vulnerability that lies within older versions of the Excel spreadsheet program, media reports said Thursday.

The affected versions include Microsoft Office Excel 2003 Service Pack 2, Microsoft Office Excel Viewer 2003, Microsoft Office Excel 2002, Microsoft Office Excel 2000, and Microsoft Excel 2004 for Mac.

Microsoft said Tuesday that it is investigating reports of such attacks, but has not yet determined whether it will patch the hole, or when.

The flaw in Excel enables an attacker to take control of a PC through a malicious Excel document. In addition, the flaw may also let remote code be executed on a PC, putting a user's personal data in jeopardy.

The software maker said in a statement that users of these programs can protect their computers by using a tool that scans the files for bad code before opening, called Microsoft Office Isolated Conversion Environment.

The most recent versions of the spreadsheet program, Excel 2007, Excel 2007 SP 1 and Excel 2008 for Mac, are not thought to be affected, Microsoft said.