This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Suspicious Behavious excel.exe buffer overflow.

Sophos has recently started detecting buffer overflows for various versions of MS Excel for multiple clients

Has anyone else experienced this and know what has suddenly caused this too happen? Sophos or Windows Updates.....?

Regards

Jeff

:57694


This thread was automatically locked due to age.
Parents
  • We have client version 10.6 and still getting this same error.  Not sure to do with this alert.

  • We have also seen one incidence of this error, on Excel 2010 version 14.0.7179.5000, Sophos version 10.6.4 VE3.67.3 and Windows 7 Pro with SP1 and updates.

     

    Does it happen because of a malicious spreadsheet, or is it an Excel patch that is missing from the PC?

     

    Dan Jackson (Lead ITServices Technician)

    Long Road Sixth Form College

    Cambridge, UK

  • We have seen this on one endpoint this week. 

    Microsoft Excel 2013 15.0.4989.1000 32bit on a 64bit Win7 Pro SP1 patched system. Sophos AV 10.7.2 VE3.69.2

    "Suspicious behavior Threat type not cleanable Buffer Overflow C:\Program Files (x86)\Microsoft Office 2013\Office15\EXCEL.EXE"

    I spoke to the person who uses this machine and they stated they had not used Excel.

    Any further info on this?

    I have not seen it flagged on any other endpoint (35 systems).

     

    Cheers!

  • I have also seen it affect Outlook with Sophos Version 10.7

    User on a Win7 64bit

    C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE

    Threat type  - Suspicious behavior

    Threat Name - Buffer Overflow

    Action Taken - Blocked

     

     

     

Reply Children