Background / What has happened?
A vulnerability (CVE-2021-42292) has been identified in locally installed versions of Microsoft Excel which allows a cyber actor to bypass a key security control. A cyber actor could use a malicious Microsoft Excel spreadsheet to exploit this vulnerability. This malicious document would then likely be used as part of a spearphishing campaign.
There is no indication that the Microsoft-hosted Office 365 Excel product is affected.
Microsoft has identified that this vulnerability is currently being exploited.
Mitigation / How do I stay secure?
Australian organisations and individuals who utilise Microsoft Excel should consult the Microsoft security advisory for a list of affected Excel versions. Australian organisations and individuals should ensure that the available security update is applied as soon as possible.
Assistance / Where can I go for help?
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is monitoring the situation and is able to provide assistance and advice as required. Organisations that have been impacted or require assistance can contact the ASD’s ACSC via 1300 CYBER1 (1300 292 371).