Reports have been circulating in the last couple of days about an unpatched vulnerability in Microsoft Excel. The flaw allows attackers to run code on remote machines if they can entice a user into opening a malicious Excel file. Microsoft advises customers to use the Microsoft Office Isolated Conversion Environment (MOICE) when opening files from unknown or un-trusted sources. Some security vendors also have warned about a new Trojan that already is exploiting this vulnerability. No word on when a patch may be available.
Source: https://threatpost.com/trojan-exploiting-excel-zero-day-flaw-022509/72379/