The Security Mentor

The attack is an Excel spreadsheet, possibly arriving as an email attachment, and named okN.xls. If anyone opens it, it uses a security vulnerability in Excel to take over the computer and download more malicious code. Whoever's doing this cunningly started doing it right after Microsoft's monhly patch day, so they'll have a full month before Microsoft makes their attack impossible.

The Excel vulnerability exploit is targeting only one organization, according to published reports.

This has implications. One of the most important is that antivirus software is going to be less useful. Antivirus companies depend on nasty software spreading widely enough for the company to get a sample and write a rule for detecting it. That's not going to happen with a piece of malware that doesn't spread outside a particular company and which doesn't call attention to itself.

You'll need to do two things. One is to look for the words "heuristic" or "behavior-based" when you're shopping for antivirus. They refer to technology which may detect a previously unknnown virus (at the cost of more false alarms). The other, which is more direct, is to stop opening files without knowing who they're from and why you're getting them.