A vulnerability has been reported in Microsoft Office Web Components, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error in the Spreadsheet ActiveX control and can be exploited to corrupt memory.
Successful exploitation allows execution of arbitrary code.
NOTE: According to Microsoft, the vulnerability is currently being actively exploited.
http://www.microsoft.com/technet/securi ... 73472.mspx
http://blogs.technet.com/srd/archive/20 ... ility.aspx