Sue I asked Bob Axmire. He said if I downloaded EXcell files form the
internet then I could have problems. I will send you a copy of the message I
received. Let me know what you think.
This special edition of the Office News Service is to inform you about the
availability of a patch for the Excel "ODBC Driver" vulnerability recently
reported to Microsoft. To cancel your subscription to the Office News
Service, reply to this e-mail with the word UNSUBSCRIBE in the Subject Line.
To stop receiving all newsletter e-mail from Microsoft.com, reply to this
e-mail with the word STOPMAIL in the Subject Line.
On July 27, 1999, Microsoft became aware of a security issue involving the
ODBC database driver that is installed as a part of Excel 97. It is possible
that a malicious coder could create an Excel 97 spreadsheet that exploits a
vulnerability in this database driver to delete files and perform other
malicious acts. A user could encounter this problem by opening a spreadsheet
attached to an e-mail message or linked from a Web site.
In the course of producing the solution to this security issue, Microsoft
testing became aware of a separate vulnerability in the ODBC database driver
that may affect Excel 2000 users. This vulnerability is related to the IISAM
component of the ODBC database driver and could be exploited using an Excel
2000 query to perform malicious acts similar to those described in Excel 97
"ODBC Driver" Vulnerability. Microsoft has produced a solution to this
specific vulnerability and incorporated it into this update.
Now available for download, the following update addresses the Excel "ODBC
There, you will see your download options in the Table of Contents area of
The patch updates the Jet 3.51 and the IISAM component of the ODBC database
driver, which eliminates the vulnerability that could be exploited to perform
malicious acts, such as deleting files on a user's machine. This update also
includes the previously released Office Document Open Confirmation Tool that
prompts Office users for confirmation when opening Office documents (Word,
Excel, PowerPoint, or Access) launched from within Internet Explorer. While
this update was designed specifically for Microsoft Office users, it may be
safely used to update Microsoft Jet 3.51 [4.0] files without the presence of
Microsoft recommends that all Office 97/2000 and Excel 97/2000 users update
their systems with this security update.
If you experience any problems with this download or the Office Update site,
please consult the following support page for assistance:
Thank you very much for your attention.
To sign-off this list, send email to email@example.com with the
message text UNSUBSCRIBE HOSTA-OPEN