Researchers have discovered a vulnerability in Microsoft Excel, one of the most widely used productivity programs in the corporate world, that could let attackers take over a user’s system and remotely launch malware.
The flaw, found by the team at Mimecast, lies in the Power Query tool, which lets users integrate spreadsheets with external databases, text documents and Web pages. If exploited by attackers, it can also launch sophisticated, hard-to-detect attacks.