Israeli Internet security company, Finjan Inc., said that the "Russian New Year" Exploitation could expose millions of Web surfers to document theft or manipulation
"It's the worst vulnerability in five years," Bill Lyons, CEO of Finjan said. "There are tens of millions of users who are susceptible to this. And it can happen without the user even knowing it."
Anyone with Microsoft Excel installed on his or her computer is susceptible to the intrusion. The attacker enters the victim's computer through Excel's document entry system. The "Russian New Year" attacker cannot only steal data and private computer files, but also can insert damaging material and initiate commands from the target computer.
To date, no users have experienced a problem.
John Duncan, product manager for Office 97 software suite, said their company disclosed the exploitation earlier and offered a way to fix it through E-mail and on several Websites. "I'm still unclear what Finjan claims is new about this issue," Duncan says.
Due to its field being crowded by more than 100 start-up companies in the past year, some say that Finjan launched the publicity campaign in order to gain exposure for their company.