You can use the Microsoft AutoUpdate program to get these updates or download them from Microsoft’s website. The security update addresses the vulnerabilities by correcting how Microsoft Excel parses and validates data when opening specially crafted Excel files. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. The vulnerabilities could allow remote code execution if a user opens a specially crafted Excel file with an affected version of Microsoft Excel.
This security update resolves four privately reported vulnerabilities in Microsoft Office.
Vulnerabilities in Microsoft Excel could allow remote code execution (affected software: Microsoft Office 2003 SP3, 2007 SP2, 2010 SP1 Microsoft Office 20 for Mac, Excel Viewer, and Office Compatibility Pack SP 2 and SP3). This important update fixes critical issues and helps to improve security by patching vulnerabilities that an attacker could use to overwrite the contents of your computer’s memory with malicious code. Microsoft has issued updates for Office 20 to fix some security issues. Security & Privacy Microsoft Updates Office 20 for Excel Vulnerabilities
