The third security hole in a month has been discovered in the Microsoft Excel spreadsheet program.
The vulnerability allows remote attackers to take control of users’ systems.
The French Security Incident Response Team reports that the flaw is due to a memory corruption error, which occurs when handling or repairing a document containing overly long styles.
The flaw affects Excel 2000, 2002 and 2003 and Office 2000, XP and 2003, said the security researcher.
Its advisory said the flaw "could be exploited by attackers to execute arbitrary commands by convincing a user to open and repair a specially crafted Excel file.”
Microsoft said the vulnerability only affected users with the Japanese, Korean or Chinese language versions of Excel.
The company said an attack could be launched with the help of malicious Excel documents sent as e-mail attachments.
The company said it was not aware of any attacks being launched in the wild using the security hole.
Microsoft is issuing seven security patches next Tuesday, with three of them addressing holes in its Office suite. These may patch the two Excel vulnerabilities made public in the last month, as Excel is part of the Office suite.